raccoon | 45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503 | Triage

Submit
Reports

Overview

overview

Static

static

45c1e993db...03.exe

windows7-x64

9

45c1e993db...03.exe

windows10-2004-x64

Sharing

General

Target

45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503.exe
Size

2.6MB
Sample

240213-djqkeafa72
MD5

38439fdf4744c8a97c0dafce36e4f432
SHA1

e6f56833ecfb2b47f4e39a290bad959776fea2f1
SHA256

45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503
SHA512

69feeaeb83ee5b6773e2919716d9ab2f4acee2f6115ef1731557258f42a5b529760402a091c64be1707a13c4b4cfb09e79ddb0eff24cd3e77fa1e4b355cda407
SSDEEP

49152:01+6+AFUaW+Vvdj8Lf8JtKHibnPIb2qohbLLkYPTRAEOOaS4d5eTovYuLL:XANzVvdw4Jr76oNLpPNAEkeTYpLL

Score

10^/10

raccoon 2637bf45ccfc8a2d57025feab0be0b31 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503.exe

Resource

win10v2004-20231215-en

raccoon 2637bf45ccfc8a2d57025feab0be0b31 stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

2637bf45ccfc8a2d57025feab0be0b31

C2

http://194.116.173.154:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

1
2637bf45ccfc8a2d57025feab0be0b31

Targets

- Target
  
  45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503.exe
- Size
  
  2.6MB
- MD5
  
  38439fdf4744c8a97c0dafce36e4f432
- SHA1
  
  e6f56833ecfb2b47f4e39a290bad959776fea2f1
- SHA256
  
  45c1e993dbcdef4111153f9c6ad3eb07a1bd8b50cb6164e4d55098412dfd4503
- SHA512
  
  69feeaeb83ee5b6773e2919716d9ab2f4acee2f6115ef1731557258f42a5b529760402a091c64be1707a13c4b4cfb09e79ddb0eff24cd3e77fa1e4b355cda407
- SSDEEP
  
  49152:01+6+AFUaW+Vvdj8Lf8JtKHibnPIb2qohbLLkYPTRAEOOaS4d5eTovYuLL:XANzVvdw4Jr76oNLpPNAEkeTYpLL
Score

10^/10

raccoon 2637bf45ccfc8a2d57025feab0be0b31 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Detects executables containing SQL queries to confidential data stores. Observed in infostealers
- Detects executables manipulated with Fody
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon2637bf45ccfc8a2d57025feab0be0b31stealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.