General

  • Target

    e3f6264aea5137c2e65b7d8d7.bin

  • Size

    137KB

  • Sample

    230625-mfjgcsdg25

  • MD5

    2c359757fec0d02a99584546bc59d8f7

  • SHA1

    11019f3056bd51e89c3994f0f90e9790f7751ce8

  • SHA256

    81b3ffd948b8b6362551f7b3aa5c75d6b2f7c81737c9fdcfa54c2a2734903243

  • SHA512

    2d4fbc3316c744c1f493a25bafb442b4d305c63b286878908705132dabb0213157b507160e85f80369a543fd369942e85dcb48a0f953059c889a5701127eccf3

  • SSDEEP

    3072:gS0p3lpYOjYRDZYRWqkmE9vgmw6K8xWyO0kbxE218sIId:0pbYYDRvBEhL/o99T

Malware Config

Targets

    • Target

      66aba326f753f1d952e03cdae48806b64965572b400a9ad38da882d55515a2d5.exe

    • Size

      237KB

    • MD5

      e3f6264aea5137c2e65b7d8d783be036

    • SHA1

      bb4bbda5d2260d48941614b42f8f0cc911a6e444

    • SHA256

      66aba326f753f1d952e03cdae48806b64965572b400a9ad38da882d55515a2d5

    • SHA512

      ca3ec206d9b0757ef09bed99eb776825874ac060e76b9a3f266257d560a260f7b5ea55160efb8adeb4f19c4a4fb77524ef56f502d27abb951562771bfa1b919b

    • SSDEEP

      3072:jAmX/joXL0K0ZzpFpRGNFlQ850uaGYJlYtP2zS5g1eCydFso7deM2H702:FX/yLMzpFpRGNMi0JGYJtN1eCACoS

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks