General

  • Target

    848b1ba08b8b8ef14ea675aabe5fca3b

  • Size

    433KB

  • Sample

    240131-qsgp3sfafn

  • MD5

    848b1ba08b8b8ef14ea675aabe5fca3b

  • SHA1

    779594fbaa056b965a6f2bdeb236dd7d219b777d

  • SHA256

    f39587daf3182dc632684a65c67081516371a602e4783c9a73292974952e0097

  • SHA512

    a93652bdfe8427292400bf88530193abfb98ecd04c7b4c9b270eb9140222b290108dcec21d799b261ad3ec3f309e05bc3f4832b635adda6ff4ddd78e0f145a1c

  • SSDEEP

    12288:1N8EJCTGJfKdD6h+9Pw+gZwePagW2F/9R6rtbve:1N8EJCTGMdX9Pq7JdF1EFe

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

d8fff758d87cec5cd931a5e8bc365f84406f03ec

Attributes

  • url4cnc

    https://t.me/gishsunsetman

  • rc4.plain

Targets

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Suspicious use of SetThreadContext
