raccoon | 95d646959e53e56f07dad3309366b8e9ce6355881ceeeac17e4254fbc1d2f30e | Triage

Submit
Reports

Overview

overview

Static

static

3

sample/Pre...te.exe

windows7-x64

1

sample/Pre...te.exe

windows10-2004-x64

Sharing

General

Target

95d646959e53e56f07dad3309366b8e9ce6355881ceeeac17e4254fbc1d2f30e_JC.zip
Size

27.3MB
Sample

230724-pz4bzsdf21
MD5

8bc475d55b74e868b2cac278e1a13163
SHA1

aa4d9b9f8459181a49d10dee7bc199526ebcc082
SHA256

95d646959e53e56f07dad3309366b8e9ce6355881ceeeac17e4254fbc1d2f30e
SHA512

63bfd53eb555adbb04794c84bea26a18e058455794fe32de086e79ba45e2d2fa4181b6977c09c32a7e9ec65185091e60d0a8dd767ef6a9fe5829f53a834a9be3
SSDEEP

393216:C3TsGG9k3B25FxFhVlXnr+DlFcBIaw0bUGi35bgv8BBgkCl/v:C3m

Score

10^/10

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sample/Pre_Satup1_Activate.exe

Resource

win7-20230712-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample/Pre_Satup1_Activate.exe

Resource

win10v2004-20230703-en

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

5ec3a3775a41038ee7acd6146ee95411

C2

http://94.142.138.6:80/

xor.plain

Targets

- Target
  
  sample/Pre_Satup1_Activate.exe
- Size
  
  66.0MB
- MD5
  
  60c266e24923ebb2f88f2e29d45cc553
- SHA1
  
  893fa582caeca62faf5fccce950f5b654ef339c5
- SHA256
  
  d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e
- SHA512
  
  e2c87a7c2fa8a3f07fff03505592c74a5528249c40e40573deb2a5dfc2961a99ac6f4d28324982555f7296d706901940f66e6a85e25a4492d42f1e674943fd15
- SSDEEP
  
  12288:cTSptB012lD9Gx/4fj0gcSyGD8Apjl4IWQAqOs/Dq1tXLi1CBpojCSguSYrsE1EP:cTam2bGwPc651uI9BCXhcjCSRrNgougc
Score

10^/10

raccoon 5ec3a3775a41038ee7acd6146ee95411 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

raccoon5ec3a3775a41038ee7acd6146ee95411stealer

© 2018-2024

Terms | Privacy