Overview

overview

10

Static

static

3

bd14a25c3f...2a.exe

windows7-x64

10

bd14a25c3f...2a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd14a25c3f6e6687a4de687d9d1a2b2a.exe

  • Size

    1.2MB

  • Sample

    231127-t625qaaa2z

  • MD5

    bd14a25c3f6e6687a4de687d9d1a2b2a

  • SHA1

    17b9cc38282e6e69e6525a8bb7184c0e80e9f148

  • SHA256

    7c4f084abd9f7229ca5225a304a86f48d7dddf7ebce402f1200726ac77b5e292

  • SHA512

    8329a3dd6b07c4ce60714335d947da65199ad796dc1f78ee5774ee4d90d26d7c125e3b4a76aa725b73fb8d11d7f06aaf20f8c0cc7c69b4196267f87b5554cc21

  • SSDEEP

    24576:Y/B+Xb8N2E85odK3fTEpe0pFET+8A39c2fu:Ykrq7tbBpFZ8A62f

Score
10/10
raccoonstealer

Malware Config

Targets

    • Target

      bd14a25c3f6e6687a4de687d9d1a2b2a.exe

    • Size

      1.2MB

    • MD5

      bd14a25c3f6e6687a4de687d9d1a2b2a

    • SHA1

      17b9cc38282e6e69e6525a8bb7184c0e80e9f148

    • SHA256

      7c4f084abd9f7229ca5225a304a86f48d7dddf7ebce402f1200726ac77b5e292

    • SHA512

      8329a3dd6b07c4ce60714335d947da65199ad796dc1f78ee5774ee4d90d26d7c125e3b4a76aa725b73fb8d11d7f06aaf20f8c0cc7c69b4196267f87b5554cc21

    • SSDEEP

      24576:Y/B+Xb8N2E85odK3fTEpe0pFET+8A39c2fu:Ykrq7tbBpFZ8A62f

    Score
    10/10
    raccoonstealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer payload

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

1
T1057

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks