Overview

overview

10

Static

static

3

9bcf985e6c...58.exe

windows7-x64

10

9bcf985e6c...58.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-01-2024 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9bcf985e6ccc2cd757ffe75de8ffc858.exe

  • Size

    587KB

  • MD5

    9bcf985e6ccc2cd757ffe75de8ffc858

  • SHA1

    18eec73533cc465bac6c2c304862a5f098eb004c

  • SHA256

    a20324349d1991711a2406feaf776ad5fcf2679803f67ceed8139f37d2ec796b

  • SHA512

    774394d60fa9b82f2fc8b059014b4039160472aa6fb858e80cd4e892b6d7634421d741a3edca3ac1bd3d8211947a0353a6b36a75df5cdd124ff66da90ec3b6bb

  • SSDEEP

    12288:bC78cApQTXXO08uN117CMWul6/vgXvJgG9yUk7iFX/kzI49To622:briXXO0culBXNyUk7o/8522

Score
10/10
raccoonb5998c5938c0648ce1e41086dc9f3e22ac1750bdstealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

b5998c5938c0648ce1e41086dc9f3e22ac1750bd

Attributes
  • url4cnc

    https://telete.in/forkmaster123

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9bcf985e6ccc2cd757ffe75de8ffc858.exe
    "C:\Users\Admin\AppData\Local\Temp\9bcf985e6ccc2cd757ffe75de8ffc858.exe"
    1⤵
      PID:4560

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4560-1-0x00000000007C0000-0x00000000008C0000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/4560-2-0x0000000000720000-0x00000000007B3000-memory.dmp
      Filesize

      588KB

      Download
    • memory/4560-3-0x0000000000400000-0x00000000004AE000-memory.dmp
      Filesize

      696KB

      Download
    • memory/4560-4-0x0000000000400000-0x00000000004AE000-memory.dmp
      Filesize

      696KB

      Download
    • memory/4560-6-0x00000000007C0000-0x00000000008C0000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/4560-7-0x0000000000720000-0x00000000007B3000-memory.dmp
      Filesize

      588KB

      Download