Resubmissions

02/12/2022, 08:23

221202-kaaadsdb8z 10

02/12/2022, 08:22

221202-j9v6gadb6x 10

08/11/2022, 11:28

221108-nk69nadhb6 10

General

  • Target

    1.bin.zip

  • Size

    288KB

  • MD5

    44f40d6c1a49374fdf3f17bc234c4e18

  • SHA1

    4ae3e2c7c8056e2865245da197dbcfabb8fcd0c3

  • SHA256

    48d90b6337918f411a0397a176c93006e37fed9b62f598a6de7015fc78121379

  • SHA512

    d765416b2d07e0f90a071c0e93c3107a07646bfb86aaa5dec974b70d219485bd856e21e6fabcbbd8c89b5837e6b04c701e0d27545fdb928d1f6825c69a5acb29

  • SSDEEP

    3072:2zbCrYEp2WCz8b1HBlJTtXtO94rrCVbi0gpiTcmwApApSnQ8HQ/zWgDIXHbCDyJN:czdz8b1HBLTt4KrOWicHAjh7vLynTRr6

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

6a0617fba4d5f0baebe2dddb18f0ff8eee30cc3f

Attributes
  • url4cnc

    https://telete.in/e39limbo

rc4.plain
rc4.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1.bin.zip
    .zip

    Password: infected

  • 1.bin
    .exe windows:6 windows x86

    Password: infected

    51747c8f67e1906217336bcac3925924

