General

  • Target

    b5c09b721948af6cdc6ae9a4dc3777d51902ff8e8b1b96bae838bcd96d3de3c1_JC.exe

  • Size

    2.5MB

  • Sample

    231014-aw3hyshg27

  • MD5

    e8eedfa9c23d565850e4b712c469dc96

  • SHA1

    f2f601bc5c5ac13d007774d7a874f06d41360898

  • SHA256

    b5c09b721948af6cdc6ae9a4dc3777d51902ff8e8b1b96bae838bcd96d3de3c1

  • SHA512

    b19716f9708f68927b7eb90a3e241e81801aa2c8fbcfa10707c15946613dafcb9cf4ddf3c41b08e13b44ba1034516a549cbca11632ed597ffa71e997dbae623b

  • SSDEEP

    24576:q9NuMPWiKnLjlJ2jfELozwMxB7AvmsJTXsa4BDVUK7tl1SGxSA1wh5x92JaAZk:uPWXH2j8cpIhJTXqBL7trSaMh5xEZW

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    f2207cc6984622b8485f5089d6ca4069

  • C2

    http://5.78.81.39:8088/

  • Attributes

    • user_agent

      GeekingToTheMoon

    • xor.plain

Targets

    • Target

      b5c09b721948af6cdc6ae9a4dc3777d51902ff8e8b1b96bae838bcd96d3de3c1_JC.exe

    • Size

      2.5MB

    • MD5

      e8eedfa9c23d565850e4b712c469dc96

    • SHA1

      f2f601bc5c5ac13d007774d7a874f06d41360898

    • SHA256

      b5c09b721948af6cdc6ae9a4dc3777d51902ff8e8b1b96bae838bcd96d3de3c1

    • SHA512

      b19716f9708f68927b7eb90a3e241e81801aa2c8fbcfa10707c15946613dafcb9cf4ddf3c41b08e13b44ba1034516a549cbca11632ed597ffa71e997dbae623b

    • SSDEEP

      24576:q9NuMPWiKnLjlJ2jfELozwMxB7AvmsJTXsa4BDVUK7tl1SGxSA1wh5x92JaAZk:uPWXH2j8cpIhJTXqBL7trSaMh5xEZW

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Suspicious use of SetThreadContext
