raccoon | 03e96c022c76316f6b1db47895edb89666072c1b7104b863a9d229ea74b2ef0a | Triage

Submit
Reports

Overview

overview

Static

static

3

972abf3179...65.exe

windows7-x64

972abf3179...65.exe

windows10-2004-x64

Sharing

General

Target

972abf3179291dfac99397b5ae996365.exe
Size

800KB
Sample

230630-q5sywadb74
MD5

972abf3179291dfac99397b5ae996365
SHA1

8272904cb904a2c2103106023c039ee8515721e0
SHA256

03e96c022c76316f6b1db47895edb89666072c1b7104b863a9d229ea74b2ef0a
SHA512

c4d778f594de65974e53069a79660d7dc1073d2bceea76bcdf1b9037a5e9d6c5cf013b8b45723a255d9a288fb5edb17d110a8b5fef7818b44b1126135c409c74
SSDEEP

12288:I8v8SqEnVG0PmTh+kAUsdKI7iuNpH7K/:cfh+kfG7Dq

Score

10^/10

raccoon 3�f�ff3�f�3�f��h_^[��ef0d247d8b1fe318a7366ceff90b173d stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

972abf3179291dfac99397b5ae996365.exe

Resource

win7-20230621-en

raccoon 3�f�ff3�f�3�f��h_^[��ef0d247d8b1fe318a7366ceff90b173d stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

972abf3179291dfac99397b5ae996365.exe

Resource

win10v2004-20230621-en

raccoon ef0d247d8b1fe318a7366ceff90b173d stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

ef0d247d8b1fe318a7366ceff90b173d

C2

http://79.137.207.76:80/

xor.plain

Extracted

Family

raccoon

Botnet

3�f�Ff3�f�3�f��H_^[��̋�U��MV��

xor.plain

Targets

- Target
  
  972abf3179291dfac99397b5ae996365.exe
- Size
  
  800KB
- MD5
  
  972abf3179291dfac99397b5ae996365
- SHA1
  
  8272904cb904a2c2103106023c039ee8515721e0
- SHA256
  
  03e96c022c76316f6b1db47895edb89666072c1b7104b863a9d229ea74b2ef0a
- SHA512
  
  c4d778f594de65974e53069a79660d7dc1073d2bceea76bcdf1b9037a5e9d6c5cf013b8b45723a255d9a288fb5edb17d110a8b5fef7818b44b1126135c409c74
- SSDEEP
  
  12288:I8v8SqEnVG0PmTh+kAUsdKI7iuNpH7K/:cfh+kfG7Dq
Score

10^/10

raccoon 3�f�ff3�f�3�f��h_^[��ef0d247d8b1fe318a7366ceff90b173d stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon3�f�ff3�f�3�f��h_^[��ef0d247d8b1fe318a7366ceff90b173dstealer

behavioral2

raccoonef0d247d8b1fe318a7366ceff90b173dstealer

© 2018-2024

Terms | Privacy