raccoon | 85ab17e1b22b87b9aa6058da5a239f41efb41f6e12f25c380508c636053e4975 | Triage

Sharing

General

Target

50516ba042ed1aaae22e56c6507c2bfb
Size

2.7MB
Sample

240110-mj8wesdfeq
MD5

50516ba042ed1aaae22e56c6507c2bfb
SHA1

a462d0473733f518807bd380d9468eb94321abb6
SHA256

85ab17e1b22b87b9aa6058da5a239f41efb41f6e12f25c380508c636053e4975
SHA512

8a5ccc941e3cc4793651e0ba1e2775cc9f6782235eee32854b7be961dbc44c3d9e260e5c17c9c0224a2a2e441dc6a26014b3fe8cc21716d7e4d17be476eb9ce8
SSDEEP

49152:pr9V00000000000000000000000000l1zILnkoyQ:pBV00000000000000000000000000Un7

Score

10^/10

raccoon b57b0b81a0c25a76ce0260ff30d839aed6f62158 stealer

Malware Config

Extracted

Family

raccoon

Botnet

b57b0b81a0c25a76ce0260ff30d839aed6f62158

Attributes

url4cnc
https://telete.in/hubabuccpower

rc4.plain

rc4.plain

Targets

- Target
  
  50516ba042ed1aaae22e56c6507c2bfb
- Size
  
  2.7MB
- MD5
  
  50516ba042ed1aaae22e56c6507c2bfb
- SHA1
  
  a462d0473733f518807bd380d9468eb94321abb6
- SHA256
  
  85ab17e1b22b87b9aa6058da5a239f41efb41f6e12f25c380508c636053e4975
- SHA512
  
  8a5ccc941e3cc4793651e0ba1e2775cc9f6782235eee32854b7be961dbc44c3d9e260e5c17c9c0224a2a2e441dc6a26014b3fe8cc21716d7e4d17be476eb9ce8
- SSDEEP
  
  49152:pr9V00000000000000000000000000l1zILnkoyQ:pBV00000000000000000000000000Un7
Score

10^/10

raccoon b57b0b81a0c25a76ce0260ff30d839aed6f62158 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoonb57b0b81a0c25a76ce0260ff30d839aed6f62158stealer

behavioral2