General

  • Target

    Version_Unlimited.zip

  • Size

    12.8MB

  • Sample

    230718-nj99xshf96

  • MD5

    534a54b3783d7d27c68c9309fa6bb0ba

  • SHA1

    2f603908a48e0bb6be0a908ff8680e75c250037a

  • SHA256

    c4a93d85f3bdd338ab1e531720fdd25295164709a5d907907a0736cce01abe3a

  • SHA512

    74fababf363be4332713418146fb23eedd59f8f2bb8502eaa8d4bb25859aedf619d14df067afa0b256451ba17c692d57a199de168335dc5ec46fd0f5195b4caa

  • SSDEEP

    393216:JS2vY4THht0XeLQfPtrKBdk/7qz9FW//23sOPCn4:JDTEGQNrW6CbQ23sn4

Malware Config

Extracted

Family

raccoon

Botnet

3f90e121d72f5ca3e25782763e1827c1

C2

http://77.73.134.30/

xor.plain

Targets

    • Target

      Version_Unlimited/Full_Version.exe

    • Size

      726.3MB

    • MD5

      db12e90433d2b7bdad87d253099086c4

    • SHA1

      27e6ddef547dacfb9f61e5696f385ce7ae5b8226

    • SHA256

      8228efa4c51e99435869d47aa1ac308b709a6ae6a9ea6f1c73dcae94df9cf2bc

    • SHA512

      b41addfc3a450c16505f33f7c9c87de053bfe60a01a8ddc00f46697e8946535f7e6213eee89888690581783abe8f1c9e132f2576e5eb9b71fe29a6c75f62aee3

    • SSDEEP

      196608:lRBBpsrir10wk8dEdCwOFelnpCRF///dNojvAYAC:NBpsmWNwwuelnpC5M

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Target

      Version_Unlimited/bin/HwidProtector.dll

    • Size

      228KB

    • MD5

      e4c67cc149ca5fa61382f8654409feee

    • SHA1

      408931b18d31562fe9f3419d7663a1cafcc7f65f

    • SHA256

      f2f264bd4faa5fccf3bd32a9a7b6b5ffc90754c759dca3127be0ff107bef33a6

    • SHA512

      49de4dc0de0f25dd279a33124fc4fdc2b80cec6105c70290db48f77068775f1727c5f4d996bf41f5ded424de0318a5eef9e0ad08050a0fd3a8964c94afa89f8b

    • SSDEEP

      1536:6kig1Ac42h743XNd55vQryAdbEPVBbM44DdROpiMnesVWDwVPhVbOucFCDrMq1np:jT1lh743rvQ4R46hJ/Uyxu9yLBRiy

    Score
    1/10
    • Target

      Version_Unlimited/bin/borlndmm.dll

    • Size

      47KB

    • MD5

      e3fcf256b4683ab92703842985b5e725

    • SHA1

      0cd88d6b7fea697aef161f861861ecf8bdd4586d

    • SHA256

      ca1f509d6779bc005f332027d50e9bafa952bcf970953593a9566973b4122759

    • SHA512

      50d96e1ef2d8e941ad15427359600d35ef7cc879da9b14dc0b6228ddc375f5743e2c3a1ee239fd4f51261c4f1bc95d8a044abfcb052626fb86edcc54e7e74985

    • SSDEEP

      768:Bu2xqT9w4SsJwUIgOmoowURkYAwtVo3c8EL+:BuD643Jd5Omvs39

    Score
    3/10
    • Target

      Version_Unlimited/bin/cc32100mt.dll

    • Size

      1.1MB

    • MD5

      1ec6fe4798163c9eab3bc7835fbf4f47

    • SHA1

      98a866e8cd1668032709315998db64fae20b6690

    • SHA256

      d221da673572c2d0c8edc23de7dfeea3e6cd6e994427ae48565a16751a3871bc

    • SHA512

      5afa699507a790d757d05b251126d2dbf83db7808242586dbfe5d4dabe4b6506f266622f9c36490dcf29d89d78e0b97c2d4b960017255608a2f86e98759a1a43

    • SSDEEP

      24576:476TpkGU8Y5weSSoaX4ripuXQ9hlbyRTzhRaWnEZN1e6HfSDu/hwY:Eejxn6N1

    Score
    1/10
    • Target

      Version_Unlimited/bin/libEGL.dll

    • Size

      18KB

    • MD5

      379358b4cd4b60137c0807f327531987

    • SHA1

      b0a5f6e3dcd0dbc94726f16ed55d2461d1737b59

    • SHA256

      0ff1d03926f5d9c01d02fae5c5e1f018a87d7f90a1826de47277530bfc7776f8

    • SHA512

      097c08135d654596a19ada814ad360a8c2374d989cbd7094c6acb092e9854abf1f1d878d3da72b66c4c75806586bee7fe04d555a1d82db170725bdbeadea7d50

    • SSDEEP

      384:rLyPunoshzdtnbuH0aXOk0GfZh5g+zCxU:rLy7s5dJuHHOqhyy

    Score
    1/10
    • Target

      Version_Unlimited/bin/newsocket.data

    • Size

      3KB

    • MD5

      1e1589d7e54f2261397a93cba88c8082

    • SHA1

      d6af6e4425cfdff84d3080e38b8f6df43e3b8f57

    • SHA256

      e4931b6e39a9616e32e4e51159f22a4a8f40031060d62084d257c2f8d77d0157

    • SHA512

      001da8e1f4698c788634280072e959531cdf5a6471be79c70eda1f9e9b4a3e85f87e326ddf00a0382582cdd0e103a16d1a652a5164ced617926701c6e00086fd

    Score
    3/10
    • Target

      Version_Unlimited/bin/opengl32sw.dll

    • Size

      14.5MB

    • MD5

      3bd5aea364326cdfa667651a93e7a4c9

    • SHA1

      f33b4a83e038363c1a4df919e6f6e0e41dba9334

    • SHA256

      23f04ba936568e9a7c9dce7a6beb52c9be7eb13b734cd390c99e7546cbe1973d

    • SHA512

      7bd4e742b4d683b79de54eaf7d8b215252212921b8a53d1fbfc8e51ce43505c003da62fd126663bc04bbc65b8f77b85232c78ea6ecba8a4e425c28c0e9c80dc3

    • SSDEEP

      393216:00Rly5ZnSHLe1tvwDTtwJuefdrX780dNYbg4A358TjGNrS1aKbBICZBSJLGWIGC2:NRlyP71tvwDTtwJuefdrX780dNYbg4Az

    Score
    1/10
