General
-
Target
74fe33decad5ebdb420b30df8a7b9f85.exe
-
Size
231KB
-
Sample
230713-ssamwaaa9z
-
MD5
74fe33decad5ebdb420b30df8a7b9f85
-
SHA1
9bdc89934e300f8f9c913c16034a530e9b934a12
-
SHA256
4b4e2cb90f19ec78d76ee50e62baf1d609efa74716f92cc1f42921716372553a
-
SHA512
030b5b15b3eeb88125ea594572edc077369ba0e8d6cb1f3693412aa32d37bf2068984cffba12abd87ae1ea25db1e7f1762f1f21ccef6567ce258a07f2a4b5efc
-
SSDEEP
6144:DecR+w6pFSvGpDbnD6suIhfQFTlPPpMsTOA:DhwweFzpH7Ns9t
Malware Config
Extracted
raccoon
3c85f6d12f0866626b35b64056ce8880
http://5.78.98.26:8088/
Targets
-
-
Target
74fe33decad5ebdb420b30df8a7b9f85.exe
-
Size
231KB
-
MD5
74fe33decad5ebdb420b30df8a7b9f85
-
SHA1
9bdc89934e300f8f9c913c16034a530e9b934a12
-
SHA256
4b4e2cb90f19ec78d76ee50e62baf1d609efa74716f92cc1f42921716372553a
-
SHA512
030b5b15b3eeb88125ea594572edc077369ba0e8d6cb1f3693412aa32d37bf2068984cffba12abd87ae1ea25db1e7f1762f1f21ccef6567ce258a07f2a4b5efc
-
SSDEEP
6144:DecR+w6pFSvGpDbnD6suIhfQFTlPPpMsTOA:DhwweFzpH7Ns9t
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Raccoon Stealer payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-