General

  • Target

    Launch3r_3.64_win64_86-setup+manual.rar

  • Size

    41.3MB

  • Sample

    230702-za9gtadf22

  • MD5

    e93b21ec14edecc05b419e61a60c3f30

  • SHA1

    f10558b5682c731d76bcb057234d9614123851cf

  • SHA256

    f325b3ce57189ecab575f5435116e05c1ba4639f3cf8ad8a76557c3b1865c222

  • SHA512

    debc5ef9460ad19f86e4eadc5d6a6820ed0e5effc30918ee2316e1d0c3b252569c18c2c85a461b6da842a81abb99a16c64a1691fadab4c8e4e90bc1b05509f05

  • SSDEEP

    786432:nHJN9QT+GX21TyuxCJLqrhVP2zdSM2wtBe6fR798BD/1oCTJKq:nnKx212w4+fq/lfR7CBTSCT8q

Malware Config

Extracted

Family

raccoon

Botnet

37a21c0aa81fac5a28180c5ed403e48d

C2

http://94.142.138.31:80/

xor.plain

Targets

    • Target

      Launch3r_3.64_win64_86-setup+manual.exe

    • Size

      2.4MB

    • MD5

      580e2ecf869c49814017ff7f91f8b7bb

    • SHA1

      c8ed15560fd7646fb4877f94b7e2a6159e164d07

    • SHA256

      0611a2575d6551136dcb1179ca9275270d51fffb43fb3af4a148e489ebd65500

    • SHA512

      13e23d95f23d732001811a5b2029f3c626d86097187d168a302af5f15a6f13dafd1063ef2f4a47a7dd8f3327cf0e636988911a8e607d2eee8cf0cc5ac858f07d

    • SSDEEP

      49152:s27jiTjx2gg83SLXAE4BaXsGacFoI08nqjKNpnhK:44g2hXhOunhK

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Find unpacked information stealer based on possible SQL query to retrieve browser data

      Detects infostealer.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks