Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28/02/2024, 15:06

General

  • Target

    ac2cbac54f9d8388529b12a727d4e441.exe

  • Size

    5.2MB

  • MD5

    ac2cbac54f9d8388529b12a727d4e441

  • SHA1

    76b8ae3e5996241ca1b4f378e3418125b894032c

  • SHA256

    bc458042cf51dca5781a9e1da79b5a40103dcdd3b12496321cfdaf13ce85c93c

  • SHA512

    2aa65e051e85afe221bea0cceaab938949d7f06dea0ee2fc638c78c2bbc344a1e5e639a1fc3d7c136ce2ab43a61a7162a9da3e8df82462955214b3dbcafad46f

  • SSDEEP

    98304:aT6Fnxh0AGsqUunZoQtc0HhADH6DXWVyJAOp6N8gA5bO:ok5bbuaOVHWT6b9JXpNg+bO

Score
10/10

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 3 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ac2cbac54f9d8388529b12a727d4e441.exe
    "C:\Users\Admin\AppData\Local\Temp\ac2cbac54f9d8388529b12a727d4e441.exe"
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1672

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1672-1-0x0000000000400000-0x0000000000C91000-memory.dmp

    Filesize

    8.6MB

  • memory/1672-0-0x0000000000D80000-0x0000000000D81000-memory.dmp

    Filesize

    4KB

  • memory/1672-2-0x0000000002AF0000-0x0000000002AF1000-memory.dmp

    Filesize

    4KB

  • memory/1672-3-0x0000000000400000-0x0000000000C91000-memory.dmp

    Filesize

    8.6MB

  • memory/1672-7-0x0000000000400000-0x0000000000C91000-memory.dmp

    Filesize

    8.6MB