raccoon | 820dcd611d9fb7ead07e31bd27507c898faff44bff1fef3db7d41a326d31bcf5 | Triage

Submit
Reports

Overview

overview

Static

static

3

d97e8c4b84...78.exe

windows10-2004-x64

Sharing

General

Target

d97e8c4b846f1743bae248137e96b7ed4c241ef71aaa2227347e71f509f0cd78.zip
Size

1.1MB
Sample

230821-fg587aba27
MD5

2e70f003d6f67872498b355bbe1e9e72
SHA1

9aa2745e19034ea3ffd87fcbdab677c6c556c392
SHA256

820dcd611d9fb7ead07e31bd27507c898faff44bff1fef3db7d41a326d31bcf5
SHA512

545eb315609267b63c9726166d3f94a0690bda7cfbb93367ab690899891a61fc3fab9ca3fcdba790a029607b97aab4315f4933f53691fe6be934123bc4753838
SSDEEP

24576:48BHycPh0v+r9BBy3ZNaicAMY8KHG9lDEVjEeWW:flycPh0vk/8pNrwYPolrW

Score

10^/10

raccoon 8c02f5edc9bd60a9dac0ee41df0c95a1 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d97e8c4b846f1743bae248137e96b7ed4c241ef71aaa2227347e71f509f0cd78.exe

Resource

win10v2004-20230703-en

raccoon 8c02f5edc9bd60a9dac0ee41df0c95a1 stealer

windows10-2004-x64

7 signatures

1800 seconds

Malware Config

Extracted

Family

raccoon

Botnet

8c02f5edc9bd60a9dac0ee41df0c95a1

C2

http://91.103.252.217:80/

xor.plain

Targets

- Target
  
  d97e8c4b846f1743bae248137e96b7ed4c241ef71aaa2227347e71f509f0cd78.exe
- Size
  
  2.1MB
- MD5
  
  be6381dc3f83d6134c2d23f6607be2ed
- SHA1
  
  26490592f3d71c2aaff76760e9d6ce7daeaf8a8f
- SHA256
  
  d97e8c4b846f1743bae248137e96b7ed4c241ef71aaa2227347e71f509f0cd78
- SHA512
  
  fe2714c85bd4a2793600840f3f0492e94914052f8ca2edaa7c0bd21dab56ae45a135bc76714ec200d2bd9b8aad8fdcc8ec1401e4685264c555be2c55e7f287e5
- SSDEEP
  
  24576:7NDh/Et25n61RW2wzG9RI7Z7v4uCJIJIJv5nQmDFzyLW0/Yzq1xxqKOI:MY4uCJIJIJR4WAd1
Score

10^/10

raccoon 8c02f5edc9bd60a9dac0ee41df0c95a1 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon8c02f5edc9bd60a9dac0ee41df0c95a1stealer

© 2018-2024

Terms | Privacy