raccoon | 85205aa3ad824b5172d5da841d253c3a54aff5d00eb2c208029e9453008f132c | Triage

Submit
Reports

Overview

overview

Static

static

1

5707ddada5...e1.exe

windows7-x64

5707ddada5...e1.exe

windows10-2004-x64

Sharing

General

Target

5707ddada5b7ea6bef434cd294fa12e1
Size

1.3MB
Sample

240112-vp1q1acgf6
MD5

5707ddada5b7ea6bef434cd294fa12e1
SHA1

45bb285a597b30e100ed4b15d96a29d718697e5e
SHA256

85205aa3ad824b5172d5da841d253c3a54aff5d00eb2c208029e9453008f132c
SHA512

91cbdbf8da7e4e34de45a99359bdc321a66d6646ed14a1042346824c8daa6237281eff3b00fd162009c5e3204e5a7cd3b944f05e18b7f9066d0f9dd16b56bf13
SSDEEP

12288:N6rSzjXEcnSULhiyvAt/rLpd6x4UcGcDEEsDHGZuWS9OcUrFv3cO927NIjybs1GJ:HXEcn3LsIyLc91IE

Score

10^/10

raccoon 471c70de3b4f9e4d493e418d1f60a90659057de0 stealer

Static task

static1

Behavioral task

behavioral1

Sample

5707ddada5b7ea6bef434cd294fa12e1.exe

Resource

win7-20231215-en

raccoon 471c70de3b4f9e4d493e418d1f60a90659057de0 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

5707ddada5b7ea6bef434cd294fa12e1.exe

Resource

win10v2004-20231215-en

raccoon 471c70de3b4f9e4d493e418d1f60a90659057de0 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

471c70de3b4f9e4d493e418d1f60a90659057de0

Attributes

url4cnc
https://telete.in/p1rosto100xx

rc4.plain

rc4.plain

Targets

- Target
  
  5707ddada5b7ea6bef434cd294fa12e1
- Size
  
  1.3MB
- MD5
  
  5707ddada5b7ea6bef434cd294fa12e1
- SHA1
  
  45bb285a597b30e100ed4b15d96a29d718697e5e
- SHA256
  
  85205aa3ad824b5172d5da841d253c3a54aff5d00eb2c208029e9453008f132c
- SHA512
  
  91cbdbf8da7e4e34de45a99359bdc321a66d6646ed14a1042346824c8daa6237281eff3b00fd162009c5e3204e5a7cd3b944f05e18b7f9066d0f9dd16b56bf13
- SSDEEP
  
  12288:N6rSzjXEcnSULhiyvAt/rLpd6x4UcGcDEEsDHGZuWS9OcUrFv3cO927NIjybs1GJ:HXEcn3LsIyLc91IE
Score

10^/10

raccoon 471c70de3b4f9e4d493e418d1f60a90659057de0 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoon471c70de3b4f9e4d493e418d1f60a90659057de0stealer

behavioral2

raccoon471c70de3b4f9e4d493e418d1f60a90659057de0stealer

© 2018-2024

Terms | Privacy