Analysis

  • max time kernel
    179s
  • max time network
    195s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-03-2024 21:45

General

  • Target

    b0798cb9cac65ad39c92ece692dde238.exe

  • Size

    582KB

  • MD5

    b0798cb9cac65ad39c92ece692dde238

  • SHA1

    13a4a5d959c7754308c93e1f0fddd316479183f4

  • SHA256

    94e6fa0bac302f238824b37ed63197a7ec24079ef8a5a546c27c59107d101ad1

  • SHA512

    d1d0cc29ac5fa0e83380dc2fb84721fa1eef6a7e5fe091670d69eeee8acf7f8583f43245df51f1bfa4b9fedaec66f7224bd6bc4b243a515c6d7f5109785d78ef

  • SSDEEP

    12288:NFyw7zKAdhwmtM36cYtpNDjKCYMy00MpZVakSvb:NFywj7CjBMLVakSv

Score
10/10

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0798cb9cac65ad39c92ece692dde238.exe
    "C:\Users\Admin\AppData\Local\Temp\b0798cb9cac65ad39c92ece692dde238.exe"
    1⤵
      PID:1612

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1612-1-0x0000000003470000-0x0000000003570000-memory.dmp

      Filesize

      1024KB

    • memory/1612-2-0x0000000004F10000-0x0000000004FA3000-memory.dmp

      Filesize

      588KB

    • memory/1612-3-0x0000000000400000-0x000000000328D000-memory.dmp

      Filesize

      46.6MB

    • memory/1612-4-0x0000000000400000-0x000000000328D000-memory.dmp

      Filesize

      46.6MB

    • memory/1612-6-0x0000000003470000-0x0000000003570000-memory.dmp

      Filesize

      1024KB

    • memory/1612-8-0x0000000004F10000-0x0000000004FA3000-memory.dmp

      Filesize

      588KB