General

  • Target

    04a75ab7363eacb0899e4887a2a420eb

  • Size

    1.4MB

  • Sample

    231219-mfjgcsced6

  • MD5

    04a75ab7363eacb0899e4887a2a420eb

  • SHA1

    29fb58f038da2f85aa025b0af012b1088d4ba7ac

  • SHA256

    3bd323cd4afb7082d04387b7381ecd19f2240104c56b8c2c8efed770c276105b

  • SHA512

    6f1698518550c6480a99ee9b7038ceee87976fdce84b0849b60e73111e895b9782f18c9463f24e149a3b12db7bbdc22f2d132342e24e432dbdc2a08a14dbc99b

  • SSDEEP

    24576:1p0a41sZb77n6Zv40QIi4BMvZqU13/Ya2Qq/OJBCoHMCbThYfbFBGBZy0yZBpydQ:QfdgpMcTsGhm5BF0y/+PTJu

Malware Config

Extracted

  • Family

    raccoon

  • Version

    1.8.2

  • Botnet

    6b473ae90575e46165b57807704d00b90b7f6fb2

  • Attributes

    • url4cnc

      http://teletop.top/viv0ramadium0

      http://teleta.top/viv0ramadium0

      https://t.me/viv0ramadium0

    • rc4.plain

Targets

    • Target

      04a75ab7363eacb0899e4887a2a420eb

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Suspicious use of SetThreadContext
