raccoon | ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe | Triage

Submit
Reports

Overview

overview

Static

static

3

ae0586d416...fe.exe

windows7-x64

ae0586d416...fe.exe

windows10-2004-x64

Sharing

General

Target

ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe
Size

17.6MB
Sample

231120-lwk5fsfh7t
MD5

1fbf52eb4aa5fb5609bb63535e283835
SHA1

a96aa7fb149885cbdbf1dd3fc529c003c82f6cbb
SHA256

ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe
SHA512

41e70df4b62465849bd10cd48d8e8966721575e3ede2c7c07b1e511fbd864687e1095a0351f80361cf2f69946b7fcc519e4bddd4e5a24126f05a0d747bbadb56
SSDEEP

393216:bu8SVoCsr12eyexwQ+/bDiZJKIIbsSSUmAWFPx/UQ0:bu8SVoCJeyexwVzcIoVA4Px/T0

Score

10^/10

raccoon 8c43462d3009db225c4c0889737572cd stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe.exe

Resource

win7-20231023-en

raccoon 8c43462d3009db225c4c0889737572cd stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe.exe

Resource

win10v2004-20231020-en

raccoon 8c43462d3009db225c4c0889737572cd stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

8c43462d3009db225c4c0889737572cd

C2

http://94.142.138.49:80/

http://94.142.138.108:80/

Attributes

user_agent
DuckTales

xor.plain

Targets

- Target
  
  ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe
- Size
  
  17.6MB
- MD5
  
  1fbf52eb4aa5fb5609bb63535e283835
- SHA1
  
  a96aa7fb149885cbdbf1dd3fc529c003c82f6cbb
- SHA256
  
  ae0586d416a2c1310947a1017c43c0d95b04e80892804b3c61090b2087de0dfe
- SHA512
  
  41e70df4b62465849bd10cd48d8e8966721575e3ede2c7c07b1e511fbd864687e1095a0351f80361cf2f69946b7fcc519e4bddd4e5a24126f05a0d747bbadb56
- SSDEEP
  
  393216:bu8SVoCsr12eyexwQ+/bDiZJKIIbsSSUmAWFPx/UQ0:bu8SVoCJeyexwVzcIoVA4Px/T0
Score

10^/10

raccoon 8c43462d3009db225c4c0889737572cd stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon8c43462d3009db225c4c0889737572cdstealer

behavioral2

raccoon8c43462d3009db225c4c0889737572cdstealer

© 2018-2024

Terms | Privacy