Overview

overview

10

Static

static

3

fea64d3a01...14.exe

windows7-x64

10

fea64d3a01...14.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fea64d3a0106278b952c5da98d795414.exe

  • Size

    640KB

  • Sample

    230814-fdf5wsbe6s

  • MD5

    fea64d3a0106278b952c5da98d795414

  • SHA1

    8a9cefe3e1f2b20416281ca3d59aa1a97c5785dd

  • SHA256

    7cf98c4d66d5932d35a20a38b36c369d9847857ccefca7a0ca5a6b378e471527

  • SHA512

    153d2a3645544e90cbd13590fcd404f9e4e966373c2408024321e60fcbb314e176769406e8c4ffea1bc2efcfce4fe696c88bacd1a8f91f8dbfdd3b09e4d8b0fd

  • SSDEEP

    6144:zgOeGIAHxSJ3laLHgbVzUMNv0eAOSe5zKE9vM534:M7JJVakBp0eJ52E9kC

Score
10/10
raccoon58d3d798d34797c8dc115d7871080018spywarestealer

Malware Config

Extracted

Family

raccoon

Botnet

58d3d798d34797c8dc115d7871080018

C2

http://94.142.138.147:77z

xor.plain

Targets

    • Target

      fea64d3a0106278b952c5da98d795414.exe

    • Size

      640KB

    • MD5

      fea64d3a0106278b952c5da98d795414

    • SHA1

      8a9cefe3e1f2b20416281ca3d59aa1a97c5785dd

    • SHA256

      7cf98c4d66d5932d35a20a38b36c369d9847857ccefca7a0ca5a6b378e471527

    • SHA512

      153d2a3645544e90cbd13590fcd404f9e4e966373c2408024321e60fcbb314e176769406e8c4ffea1bc2efcfce4fe696c88bacd1a8f91f8dbfdd3b09e4d8b0fd

    • SSDEEP

      6144:zgOeGIAHxSJ3laLHgbVzUMNv0eAOSe5zKE9vM534:M7JJVakBp0eJ52E9kC

    Score
    10/10
    raccoon58d3d798d34797c8dc115d7871080018spywarestealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer payload

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks