raccoon | f7d2b0988cf592d1438563788bbd189302bae174d9923d262bb76c04d73aa6b5 | Triage

Submit
Reports

Overview

overview

Static

static

3

GRIZZLY Fortnite.exe

windows10-2004-x64

Sharing

General

Target

GRIZZLY Fortnite.bin.zip
Size

334KB
Sample

230804-s4hsmadc51
MD5

7b637969f811b536cc95d6c103cf2186
SHA1

1fab6a62c119ee063ca0eb56b95a4f681beea541
SHA256

f7d2b0988cf592d1438563788bbd189302bae174d9923d262bb76c04d73aa6b5
SHA512

6d21259325f17b61aaad69e68e703d51a001ea909a5086849b1e552273b368ad75881327cdcf5c83bb12939ec17be6fe94ff066c363943b2bf282d78db531eb0
SSDEEP

6144:VjpI5XyyCoguF28nzVgFP6ABhvi+W4oZzN7dD+N1HUSrUZM5Y:VjK5XNF28zVsBhvi+7oZHo1HZAe5Y

Score

10^/10

raccoon 6d9a27d181fb1befc704f99cab4172f9 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

GRIZZLY Fortnite.exe

Resource

win10v2004-20230703-en

raccoon 6d9a27d181fb1befc704f99cab4172f9 stealer

windows10-2004-x64

4 signatures

600 seconds

Malware Config

Extracted

Family

raccoon

Botnet

6d9a27d181fb1befc704f99cab4172f9

C2

http://94.142.138.147:77,

xor.plain

Targets

- Target
  
  GRIZZLY Fortnite.bin
- Size
  
  1.2MB
- MD5
  
  0219d53c3074f6bf506c0f7c06928234
- SHA1
  
  a29416907f970ad3016acda87cb7ad9fe7a23b34
- SHA256
  
  e686ca79adb10c4655c8b7ea9bded3f81494bac85b0ca37d0ff9d669bd534298
- SHA512
  
  9ff7c644f1ace59fa5b9dddb7a9838fa3034783705c717610cdf71207ef5c7398390995d98393e5c8dc5e57d73c23567f5c0ac9f493a51fdfd49070f7aed6b36
- SSDEEP
  
  12288:RwiWirHrje7f5OaL8nZ5AORT1Z+Lp+K4JMcZ1tRV5uY3fmghoy3:Rwyje7fQaL8nZ5+4CsL/
Score

10^/10

raccoon 6d9a27d181fb1befc704f99cab4172f9 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon6d9a27d181fb1befc704f99cab4172f9stealer

© 2018-2024

Terms | Privacy