General

  • Target

    OriginalBuild.exe

  • Size

    287KB

  • Sample

    230624-s9kjeacg7x

  • MD5

    29fbc03a62b38c10517ee8106f72f009

  • SHA1

    cf4f3a601b017bcf326224cd4350495f5a3fce4e

  • SHA256

    9fab5219010d1d94f0543a2425b0371625993342e587885cc6f06b10ef6fdae5

  • SHA512

    0364d326939331058c95ddadd609a947f450b8f1f290756ed39d94d0c82d7f2259317c11a2e5c367f0855606b895c3865dfdcec42f2e9dd4b06ca4e10c6d5054

  • SSDEEP

    6144:ZubqeBN9wzg4BVrUCOhPHf54oYePocjkRSZcJT:ZNEYOh/jwc1ZmT

Score
10/10
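The four hashes above identify the sample; the practical use of a report like this is to check files seen elsewhere against them. The following is an added example written for this page, not tooling from the sandbox or the report: it computes all four digests in one pass, compares them with the report's values, identifies a bare hash pasted from a ticket by its length, and flags the "partial match" case, which cannot happen for a genuine sample and therefore signals a mis-transcribed indicator. The hash values are copied from the General section; the function names and command-line usage are this example's own.

```python
"""Check a file against the hashes this sandbox report lists.

Added example for this page; not part of the sandbox report or of any
tooling it describes. The hash values are copied from the report's
General section; everything else is this example's own.
"""
import hashlib
from typing import Dict, Iterable, Optional, Tuple

# Indicators copied from the report, keyed by hashlib algorithm name.
REPORT_HASHES: Dict[str, str] = {
    "md5": "29fbc03a62b38c10517ee8106f72f009",
    "sha1": "cf4f3a601b017bcf326224cd4350495f5a3fce4e",
    "sha256": "9fab5219010d1d94f0543a2425b0371625993342e587885cc6f06b10ef6fdae5",
    "sha512": (
        "0364d326939331058c95ddadd609a947f450b8f1f290756ed39d94d0c82d7f22"
        "59317c11a2e5c367f0855606b895c3865dfdcec42f2e9dd4b06ca4e10c6d5054"
    ),
}

# Hex digest length -> algorithm, for identifying a bare hash from a ticket.
HEX_LENGTH_TO_ALGORITHM = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}


def digest_chunks(chunks: Iterable[bytes],
                  algorithms: Iterable[str] = tuple(REPORT_HASHES)) -> Dict[str, str]:
    """Compute every requested digest in a single pass over the data."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through digest_chunks so large samples are not read at once."""
    def chunks():
        with open(path, "rb") as fh:
            while block := fh.read(chunk_size):
                yield block
    return digest_chunks(chunks())


def compare(digests: Dict[str, str],
            indicators: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm, case-insensitive comparison; a missing algorithm counts as no match."""
    return {alg: digests.get(alg, "").lower() == expected.lower()
            for alg, expected in indicators.items()}


def classify(digests: Dict[str, str],
             indicators: Dict[str, str] = REPORT_HASHES) -> str:
    """'match' when every listed hash agrees, 'no_match' when none does.

    'partial' should never occur for a genuine sample: all four values are
    digests of the same bytes, so a partial result means one indicator was
    mis-transcribed (or the digests came from different files) and the
    indicator set must be re-checked before it is trusted.
    """
    results = compare(digests, indicators)
    if all(results.values()):
        return "match"
    if not any(results.values()):
        return "no_match"
    return "partial"


def lookup_hash(hex_digest: str,
                indicators: Dict[str, str] = REPORT_HASHES) -> Tuple[Optional[str], bool]:
    """Identify a bare hash by its length and compare it with the report.

    Returns (algorithm, matched); (None, False) when the length is not one
    the report lists, so a caller cannot mistake "unknown" for "clean".
    """
    value = hex_digest.strip().lower()
    alg = HEX_LENGTH_TO_ALGORITHM.get(len(value))
    if alg is None or alg not in indicators:
        return None, False
    return alg, value == indicators[alg].lower()


if __name__ == "__main__":
    import sys
    # Usage (assumed): python check_hashes.py suspect.exe other.bin
    for path in sys.argv[1:]:
        d = digest_file(path)
        print(f"{path}: {classify(d)} (sha256={d['sha256']})")
```

Only exact hashes are checked here; the SSDEEP value from the report needs the ssdeep library (not in the standard library) and is deliberately left out rather than stubbed.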

Targets

    • Target

      OriginalBuild.exe

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Blocklisted process makes network request

      A process on the sandbox's blocklist issued a network request; for an infostealer this is where C2 check-in or exfiltration would be expected, so the contacted host and URL are the indicators to pull from the network capture.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      NtSetInformationThread called with the ThreadHideFromDebugger information class (0x11) hides the calling thread from an attached debugger, which then stops receiving debug events for it. This is a classic anti-debugging measure and is rarely seen in benign software outside anti-tamper and DRM code.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state. Applied to a thread of a suspended child process it is usually the final step of process hollowing or a similar injection technique, pointing the instruction pointer at code the process never loaded itself.
