Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    05/02/2024, 01:56

General

  • Target

    90ba98cd1e82fe56b6298d223fce19e8.exe

  • Size

    484KB

  • MD5

    90ba98cd1e82fe56b6298d223fce19e8

  • SHA1

    3be8aae5fe56079539f6031678ac33f6ac79e37b

  • SHA256

    a2f1c5af04a6f8e79461bdaa3847ba47c7a7bb03d2689c9577035a4f49b6f133

  • SHA512

    70a39692467e2a24b8d2223209d3a3673fb36eb705fa6e2f73404a655bd3fb536023965df308bb6bdc70b73a47086a8df5d5e15321edf4e3a7e6bee1998e5903

  • SSDEEP

    6144:zuAKghYlfP7Fz5Fgo+S0wHhzViVM+zncJ0Pnqr1zwl/EIoB3i3GllxH9/OfSGKP2:+fgoRHF8MGeYC5iIbpPVUxJAAw

Score
10/10

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 4 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\90ba98cd1e82fe56b6298d223fce19e8.exe
    "C:\Users\Admin\AppData\Local\Temp\90ba98cd1e82fe56b6298d223fce19e8.exe"
    • Modifies system certificate store
    PID:860

Network

MITRE ATT&CK Enterprise v15


Downloads

  • memory/860-1-0x0000000002D80000-0x0000000002E80000-memory.dmp

    Filesize

    1024KB

  • memory/860-2-0x0000000000300000-0x0000000000391000-memory.dmp

    Filesize

    580KB

  • memory/860-3-0x0000000000400000-0x0000000002CAF000-memory.dmp

    Filesize

    40.7MB

  • memory/860-4-0x0000000000400000-0x0000000002CAF000-memory.dmp

    Filesize

    40.7MB

  • memory/860-5-0x0000000002D80000-0x0000000002E80000-memory.dmp

    Filesize

    1024KB

  • memory/860-7-0x0000000000300000-0x0000000000391000-memory.dmp

    Filesize

    580KB