General

  • Target

    8be4597670980d68f8e61a9c04bf6de2

  • Size

    905KB

  • Sample

    240203-klcjwsdcd5

  • MD5

    8be4597670980d68f8e61a9c04bf6de2

  • SHA1

    0ef8a20abc5cc6c223063d8bfa7cb2b234b6934b

  • SHA256

    b6bca3be46b8233b37c3f473362d8c749d302d3183d07487ff09d267f082d02a

  • SHA512

    b6738824960e548500f300c1629293a1f02efe66633a16f78717626ca554e146a55a4303e7379dcff5d3ac8d5243af86d1e254c781f4e33e3e6aea055b74ab91

  • SSDEEP

    24576:FQ4c3+VbG0AOOy8GgUl9BchK3uwWggp0F/of/:FQcs0lOwfzchKgp0FW

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

d7b6e0cee1cd813ad40c812cf45171cf0360e249

Attributes

  • url4cnc

    https://telete.in/mimipanera11

rc4.plain
rc4.plain

Targets

    • Target

      8be4597670980d68f8e61a9c04bf6de2

    • Size

      905KB

    • MD5

      8be4597670980d68f8e61a9c04bf6de2

    • SHA1

      0ef8a20abc5cc6c223063d8bfa7cb2b234b6934b

    • SHA256

      b6bca3be46b8233b37c3f473362d8c749d302d3183d07487ff09d267f082d02a

    • SHA512

      b6738824960e548500f300c1629293a1f02efe66633a16f78717626ca554e146a55a4303e7379dcff5d3ac8d5243af86d1e254c781f4e33e3e6aea055b74ab91

    • SSDEEP

      24576:FQ4c3+VbG0AOOy8GgUl9BchK3uwWggp0F/of/:FQcs0lOwfzchKgp0FW

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks