General

  • Target: 6ef1e4eb4447a37e49946e86021314e9.bin
  • Size: 1.3MB
  • Sample: 230823-bwacvaad31
  • MD5: 549dc4a0e1f8bb3fbd5a958f4beac951
  • SHA1: 6cc3a987009a0f5a25fe6f3a44060ad053af0789
  • SHA256: 2254a6a7e7c56dd273be02cd3e08493a64da871236a22c0919ed5eef3777dbb4
  • SHA512: f84107ffae2507f2fd50f4832a966b6c349a283dd19955f756830d8719e3640c6c898d3ec0c597450ff911d2c92593af89d6227d0af3afe190db2dbe769e5906
  • SSDEEP: 24576:P+v3KlYzGm3KpPCTQZKURSXHJtXjXnsgc8i7pUbCThEHU6BR29dfm9Ji:PS3KMk6TbbbXnsgexh96B89dfGJi

Malware Config

Extracted

Family: raccoon

Botnet: da1a2bf97bd22db993dd01b30d040258

C2: http://77.246.102.57:80/

xor.plain

Targets

    • Target: fb6dcfde4437027abef2cf99a67351a16f28615457339ac160d55cf8ea57bc81.exe
    • Size: 2.5MB
    • MD5: 6ef1e4eb4447a37e49946e86021314e9
    • SHA1: 29426df9e7447aa088c21c38f44a9ecfb7b266d9
    • SHA256: fb6dcfde4437027abef2cf99a67351a16f28615457339ac160d55cf8ea57bc81
    • SHA512: 8b07edc61d257157a2590ccd7e395ff82b94ade2f1f15f5d634f76d73da2a6a6be7e7d083d958a5d021c7925eb2e3583b70e576c4d5f339aa1d8efc12dbac477
    • SSDEEP: 24576:ouSNRJncu+meZg+yjGFl4z/sQ65aPuGibvDRv3X/RT50oI3ThQhK+Mh3j3T6u7oQ:oN1hjGgVjUeQjxP/RvxhK+OjG71ol+Mt

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks