Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Resubmissions

06-02-2024 03:34

240206-d41wwaefa8 10

27-11-2023 04:47

231127-fekjpsed43 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    017fdf6b4016eb83c74165110d7b1b77aab163c1b58ef133b93f07788a1906b8

  • Size

    1.6MB

  • Sample

    231127-fekjpsed43

  • MD5

    346bcb0f32a5f129bcc397b3ff149d06

  • SHA1

    cc9ef4edeb9d2c2ecf4a8fdca5b0c194244e0d85

  • SHA256

    017fdf6b4016eb83c74165110d7b1b77aab163c1b58ef133b93f07788a1906b8

  • SHA512

    4efbd8295b8021f4ae58962fb623478a2ae0095e0fa0bb08840382573fae47352a55ffaadab016abca6413155abe64536cb8eb819e0ea6a96fbaf2f49a00eedc

  • SSDEEP

    24576:SeFafLTWHB2CUuE7GaTRWAlVzQKPBG2qIeO46EhX:SyGTWHM75TNVB5HqmFAX

Score
10/10
raccoonredlineinfostealerspywarestealer

Malware Config

Targets

    • Target

      017fdf6b4016eb83c74165110d7b1b77aab163c1b58ef133b93f07788a1906b8

    • Size

      1.6MB

    • MD5

      346bcb0f32a5f129bcc397b3ff149d06

    • SHA1

      cc9ef4edeb9d2c2ecf4a8fdca5b0c194244e0d85

    • SHA256

      017fdf6b4016eb83c74165110d7b1b77aab163c1b58ef133b93f07788a1906b8

    • SHA512

      4efbd8295b8021f4ae58962fb623478a2ae0095e0fa0bb08840382573fae47352a55ffaadab016abca6413155abe64536cb8eb819e0ea6a96fbaf2f49a00eedc

    • SSDEEP

      24576:SeFafLTWHB2CUuE7GaTRWAlVzQKPBG2qIeO46EhX:SyGTWHM75TNVB5HqmFAX

    Score
    10/10
    raccoonredlineinfostealerspywarestealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer payload

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks