raccoon | 8504046c2ea601460e42d3a1ca05020cc49316a9dfa535b25d99535ad5f13751 | Triage

Submit
Reports

Overview

overview

Static

static

3

8504046C2E...53.exe

windows7-x64

8504046C2E...53.exe

windows10-2004-x64

Sharing

General

Target

8504046C2EA601460E42D3A1CA05020CC49316A9DFA53.exe
Size

17.1MB
Sample

231128-zdkb4ace82
MD5

609aae1b7204c854d660c22179ece445
SHA1

897ac7d1a4583d4a57ee9b6f045e13bcc89b0229
SHA256

8504046c2ea601460e42d3a1ca05020cc49316a9dfa535b25d99535ad5f13751
SHA512

5602d7ece0d0ca7e94bc348b3b6284d45dc0cf31982eedd54ea3f5fdc860a00be5a61eb0d4d89410f549fd29b156511085ec16af8a1fc43f0ee2aa5a14f2b9ab
SSDEEP

393216:LymUDdRkuhbXo8u8jMB5yU9sWwOExGTkuRe1jkgIBN1:2m6bdoOjeQUKZ7AIuRe1uBN

Score

10^/10

raccoon d4dfe058bb722373a292317097b425f0 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8504046C2EA601460E42D3A1CA05020CC49316A9DFA53.exe

Resource

win7-20231020-en

raccoon d4dfe058bb722373a292317097b425f0 stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8504046C2EA601460E42D3A1CA05020CC49316A9DFA53.exe

Resource

win10v2004-20231127-en

raccoon d4dfe058bb722373a292317097b425f0 stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

d4dfe058bb722373a292317097b425f0

C2

http://37.49.230.54:80

http://37.49.230.152:80

Attributes

user_agent
GeekingToTheMoon

xor.plain

Targets

- Target
  
  8504046C2EA601460E42D3A1CA05020CC49316A9DFA53.exe
- Size
  
  17.1MB
- MD5
  
  609aae1b7204c854d660c22179ece445
- SHA1
  
  897ac7d1a4583d4a57ee9b6f045e13bcc89b0229
- SHA256
  
  8504046c2ea601460e42d3a1ca05020cc49316a9dfa535b25d99535ad5f13751
- SHA512
  
  5602d7ece0d0ca7e94bc348b3b6284d45dc0cf31982eedd54ea3f5fdc860a00be5a61eb0d4d89410f549fd29b156511085ec16af8a1fc43f0ee2aa5a14f2b9ab
- SSDEEP
  
  393216:LymUDdRkuhbXo8u8jMB5yU9sWwOExGTkuRe1jkgIBN1:2m6bdoOjeQUKZ7AIuRe1uBN
Score

10^/10

raccoon d4dfe058bb722373a292317097b425f0 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoond4dfe058bb722373a292317097b425f0stealer

behavioral2

raccoond4dfe058bb722373a292317097b425f0stealer

© 2018-2024

Terms | Privacy