raccoon | 4c09e5f24bbd5ce9d6f41b04d2aadcfe1b08c28730e807021030d3d9598c37a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28047fe233c184edaf2dcf7ab13e76c0
Size

575KB
Sample

231225-sg8qjaecap
MD5

28047fe233c184edaf2dcf7ab13e76c0
SHA1

5b47492202fbdfeb623516c241bb4438cd417a2d
SHA256

4c09e5f24bbd5ce9d6f41b04d2aadcfe1b08c28730e807021030d3d9598c37a5
SHA512

17af8333a6d483d6fa0c1efce389ccd35f2b07dff0cc55ff98a6d8f6649eaec275c8fb992ab3c95ca520914c617d5b2e635984b416be65a78cdbd47f98a3f510
SSDEEP

12288:wQCQi4c5VtvEIhoQ2+ra2RHdFzth8guBI8SB6WAmNrzDznLR5Jg:wr5VtvtraodBt/qYpAmN3N4

Score

10^/10

raccoon 47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295 stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295

Attributes

url4cnc
https://telete.in/h_ghaibin2_1

rc4.plain

rc4.plain

Targets

- Target
  
  28047fe233c184edaf2dcf7ab13e76c0
- Size
  
  575KB
- MD5
  
  28047fe233c184edaf2dcf7ab13e76c0
- SHA1
  
  5b47492202fbdfeb623516c241bb4438cd417a2d
- SHA256
  
  4c09e5f24bbd5ce9d6f41b04d2aadcfe1b08c28730e807021030d3d9598c37a5
- SHA512
  
  17af8333a6d483d6fa0c1efce389ccd35f2b07dff0cc55ff98a6d8f6649eaec275c8fb992ab3c95ca520914c617d5b2e635984b416be65a78cdbd47f98a3f510
- SSDEEP
  
  12288:wQCQi4c5VtvEIhoQ2+ra2RHdFzth8guBI8SB6WAmNrzDznLR5Jg:wr5VtvtraodBt/qYpAmN3N4
Score

10^/10

raccoon 47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295stealer

behavioral2