Overview

overview

10

Static

static

1

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    971KB

  • Sample

    230710-prd25abb7t

  • MD5

    c3e9908d1e901feba57d1787d20890bb

  • SHA1

    72411751972fac27bccc40df6daf287893a82a2d

  • SHA256

    dcaea3df855bc03a2723979525b63da64e13958a68741ddbe92e183135fc9247

  • SHA512

    28a6535d4fdf58ebc0dffbc470a3d4dbc8e3c9d8e96c8d471bf69902152d795ab5d5867b8d5a96cdb4a2eb59529b127d233d14e190cb3c4ede3e9d594d411889

  • SSDEEP

    12288:qJjXuA5ao5Xc3Foj2btm0S82Iz89LUzLeGOMFWhLpUrc+nT9vwM5Lru7h2xC+:smBF2C20LDIhLpUI+vHxC+

Score
10/10
raccoon3f5db940cf0d55359bd7997f1d8cbde7stealer

Malware Config

Extracted

Family

raccoon

Botnet

3f5db940cf0d55359bd7997f1d8cbde7

C2

http://91.242.229.237:80/

xor.plain

Targets

    • Target

      tmp

    • Size

      971KB

    • MD5

      c3e9908d1e901feba57d1787d20890bb

    • SHA1

      72411751972fac27bccc40df6daf287893a82a2d

    • SHA256

      dcaea3df855bc03a2723979525b63da64e13958a68741ddbe92e183135fc9247

    • SHA512

      28a6535d4fdf58ebc0dffbc470a3d4dbc8e3c9d8e96c8d471bf69902152d795ab5d5867b8d5a96cdb4a2eb59529b127d233d14e190cb3c4ede3e9d594d411889

    • SSDEEP

      12288:qJjXuA5ao5Xc3Foj2btm0S82Iz89LUzLeGOMFWhLpUrc+nT9vwM5Lru7h2xC+:smBF2C20LDIhLpUI+vHxC+

    Score
    10/10
    raccoon3f5db940cf0d55359bd7997f1d8cbde7stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks