raccoon | d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e | Triage

Submit
Reports

Overview

overview

Static

static

3

Pre_Satup1...te.exe

windows7-x64

1

Pre_Satup1...te.exe

windows10-1703-x64

Pre_Satup1...te.exe

windows10-2004-x64

Resubmissions

23-07-2023 09:55

230723-lxs7fsdg62 10

Sharing

General

Target

Pre_Satup1_Activate.exe
Size

66.0MB
Sample

230723-lxs7fsdg62
MD5

60c266e24923ebb2f88f2e29d45cc553
SHA1

893fa582caeca62faf5fccce950f5b654ef339c5
SHA256

d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e
SHA512

e2c87a7c2fa8a3f07fff03505592c74a5528249c40e40573deb2a5dfc2961a99ac6f4d28324982555f7296d706901940f66e6a85e25a4492d42f1e674943fd15
SSDEEP

12288:cTSptB012lD9Gx/4fj0gcSyGD8Apjl4IWQAqOs/Dq1tXLi1CBpojCSguSYrsE1EP:cTam2bGwPc651uI9BCXhcjCSRrNgougc

Score

10^/10

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Pre_Satup1_Activate.exe

Resource

win7-20230712-en

windows7-x64

3 signatures

300 seconds

Behavioral task

behavioral2

Sample

Pre_Satup1_Activate.exe

Resource

win10-20230703-en

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer

windows10-1703-x64

10 signatures

300 seconds

Behavioral task

behavioral3

Sample

Pre_Satup1_Activate.exe

Resource

win10v2004-20230703-en

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Extracted

Family

raccoon

Botnet

5ec3a3775a41038ee7acd6146ee95411

C2

http://94.142.138.6:80/

xor.plain

Targets

- Target
  
  Pre_Satup1_Activate.exe
- Size
  
  66.0MB
- MD5
  
  60c266e24923ebb2f88f2e29d45cc553
- SHA1
  
  893fa582caeca62faf5fccce950f5b654ef339c5
- SHA256
  
  d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e
- SHA512
  
  e2c87a7c2fa8a3f07fff03505592c74a5528249c40e40573deb2a5dfc2961a99ac6f4d28324982555f7296d706901940f66e6a85e25a4492d42f1e674943fd15
- SSDEEP
  
  12288:cTSptB012lD9Gx/4fj0gcSyGD8Apjl4IWQAqOs/Dq1tXLi1CBpojCSguSYrsE1EP:cTam2bGwPc651uI9BCXhcjCSRrNgougc
Score

10^/10

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

raccoon5ec3a3775a41038ee7acd6146ee95411stealer

behavioral3

raccoon5ec3a3775a41038ee7acd6146ee95411stealer

© 2018-2024

Terms | Privacy