raccoon | 40e374e5c98b01418e638e50cbae8ce4d2a4fbe00831e2be9a5abf2d8fba478b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

Wondershar...se.exe

windows10-2004-x64

Sharing

General

Target

Wondershare Filmora 12 License.exe
Size

838KB
Sample

231014-2rkacseb29
MD5

5560bdda88b90827215d187b9b6b3f46
SHA1

799c650f0e0971d96019ef772ba37a8aa5b25784
SHA256

40e374e5c98b01418e638e50cbae8ce4d2a4fbe00831e2be9a5abf2d8fba478b
SHA512

3ba64aa47fc7ae1f62da76a685a97e1a7d5c2088fcafb99e28973af12444ef468dd502fd7859f934fc511fb5251ea5c0270472cf5a6bc28530e83865dd86eef8
SSDEEP

12288:UVIlE+PycGgq6astN6811B15heuWHbL/tvPp4hSkfm8GlhV+FNjovV:UVIa+PyzgJastT18HhGfxGlhViNjo

Score

10^/10

raccoon 824e7696690cc396bc008e0c919bdc4b stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Wondershare Filmora 12 License.exe

Resource

win10v2004-20230915-es

raccoon 824e7696690cc396bc008e0c919bdc4b stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

824e7696690cc396bc008e0c919bdc4b

C2

http://62.113.119.179:80/

Attributes

user_agent
SunShineMoonLight

xor.plain

Targets

- Target
  
  Wondershare Filmora 12 License.exe
- Size
  
  838KB
- MD5
  
  5560bdda88b90827215d187b9b6b3f46
- SHA1
  
  799c650f0e0971d96019ef772ba37a8aa5b25784
- SHA256
  
  40e374e5c98b01418e638e50cbae8ce4d2a4fbe00831e2be9a5abf2d8fba478b
- SHA512
  
  3ba64aa47fc7ae1f62da76a685a97e1a7d5c2088fcafb99e28973af12444ef468dd502fd7859f934fc511fb5251ea5c0270472cf5a6bc28530e83865dd86eef8
- SSDEEP
  
  12288:UVIlE+PycGgq6astN6811B15heuWHbL/tvPp4hSkfm8GlhV+FNjovV:UVIa+PyzgJastT18HhGfxGlhViNjo
Score

10^/10

raccoon 824e7696690cc396bc008e0c919bdc4b stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon824e7696690cc396bc008e0c919bdc4bstealer

© 2018-2025

Terms | Privacy