Analysis
-
max time kernel
145s -
max time network
118s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system -
submitted
02-01-2024 16:09
Static task
static1
Behavioral task
behavioral1
Sample
cbf99c5950929c2aecac3b6244b124c4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
cbf99c5950929c2aecac3b6244b124c4.exe
Resource
win10v2004-20231215-en
General
-
Target
cbf99c5950929c2aecac3b6244b124c4.exe
-
Size
579KB
-
MD5
cbf99c5950929c2aecac3b6244b124c4
-
SHA1
1c83aed9a714f0faa40d22dd0f5ab4e42a6a0a76
-
SHA256
267e80d62ad886f9b3db43bbcb3480bfcdb6cfaa8b7caa687536108f4c7ac851
-
SHA512
e68ea194e99d7a290a20efe45909e86b885520813910e5aa54bebc1133a7252d5e2564b399721dcb65c74113da87bb45963e871d3b3185e4ac8e3b94c1ece128
-
SSDEEP
12288:2mdySX5NBrQAZiyEeHcSnGpXLHkTZsfBQE91PDgWhnZ/skeL2PMY:2G5NBrQA3+XLElsfSELDgGnmkjr
Malware Config
Extracted
raccoon
1.7.3
cd8dc1031358b1aec55cc6bc447df1018b068607
-
url4cnc
https://telete.in/jagressor_kz
Signatures
-
Raccoon Stealer V1 payload 4 IoCs
Processes:
resource    yara_rule
behavioral2/memory/3424-2-0x00000000021F0000-0x0000000002281000-memory.dmp    family_raccoon_v1
behavioral2/memory/3424-3-0x0000000000400000-0x00000000004AC000-memory.dmp    family_raccoon_v1
behavioral2/memory/3424-4-0x0000000000400000-0x00000000004AC000-memory.dmp    family_raccoon_v1
behavioral2/memory/3424-7-0x00000000021F0000-0x0000000002281000-memory.dmp    family_raccoon_v1
Downloads
memory/3424-2-0x00000000021F0000-0x0000000002281000-memory.dmp    Filesize: 580KB
memory/3424-3-0x0000000000400000-0x00000000004AC000-memory.dmp    Filesize: 688KB
memory/3424-1-0x0000000000810000-0x0000000000910000-memory.dmp    Filesize: 1024KB
memory/3424-4-0x0000000000400000-0x00000000004AC000-memory.dmp    Filesize: 688KB
memory/3424-7-0x00000000021F0000-0x0000000002281000-memory.dmp    Filesize: 580KB
memory/3424-6-0x0000000000810000-0x0000000000910000-memory.dmp    Filesize: 1024KB