Overview

overview

10

Static

static

3

a71e3429da...62.exe

windows7-x64

10

a71e3429da...62.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-02-2024 19:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a71e3429daa217bcab7a07275d955c62.exe

  • Size

    580KB

  • MD5

    a71e3429daa217bcab7a07275d955c62

  • SHA1

    79ceefb0f9cfce5b7f86ff5f3d6ebaeac25bc0bd

  • SHA256

    31f5e47457abeabc5d7fad47465885b4f3154106261db814fbc60ab5dbc4f82f

  • SHA512

    1c1074a918f4ccb499874c8cae648cd15839b7bac048cd9c8ed4bc5e7d7f44dd3af581f8a8d93fa457571a9e65abb146bb063ec6daa4cab122cc12dff3659b07

  • SSDEEP

    12288:zV4RhbWCFzZbnOrR+XV3lZTTvMhLkIbZOKrRhkSwgAnpJW:zS4CFzZbnRjTvwkIbZOKcSw

Score
10/10
raccooncd8dc1031358b1aec55cc6bc447df1018b068607stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

cd8dc1031358b1aec55cc6bc447df1018b068607

Attributes
  • url4cnc

    https://telete.in/jagressor_kz

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a71e3429daa217bcab7a07275d955c62.exe
    "C:\Users\Admin\AppData\Local\Temp\a71e3429daa217bcab7a07275d955c62.exe"
    1⤵
      PID:2392

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2392-1-0x00000000007C0000-0x00000000008C0000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/2392-2-0x0000000000720000-0x00000000007B1000-memory.dmp
      Filesize

      580KB

      Download
    • memory/2392-3-0x0000000000400000-0x00000000004AC000-memory.dmp
      Filesize

      688KB

      Download
    • memory/2392-4-0x0000000000400000-0x00000000004AC000-memory.dmp
      Filesize

      688KB

      Download
    • memory/2392-5-0x00000000007C0000-0x00000000008C0000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/2392-7-0x0000000000720000-0x00000000007B1000-memory.dmp
      Filesize

      580KB

      Download