raccoon | 9ab3fd9a10978aa74e17f836865f7b97d9db2f755d22e96b851767cdf810a978 | Triage

Sharing

General

Target

b48aa7fe83538a4f46e6d92376b97415
Size

575KB
Sample

240305-m3szbadb6x
MD5

b48aa7fe83538a4f46e6d92376b97415
SHA1

27abd37894b28ec204848c4af44d745689a138d7
SHA256

9ab3fd9a10978aa74e17f836865f7b97d9db2f755d22e96b851767cdf810a978
SHA512

3c51db18bf63e47257085b63822788f0505126126d00f4e93622c437ba20b3e3fe662171e17571188ac9a64fd6f6307dc2f33d226c866c6700bd3acb944726be
SSDEEP

12288:ZQttSVx2VAI9w5Mpn/9baiPdRxz/R40RO9YzgybvZj3+4WIyQDuvF:Zr2VAIJJacJ7RMqg+j3+4HDuvF

Score

10^/10

raccoon 47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295 stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295

Attributes

url4cnc
https://telete.in/h_ghaibin2_1

rc4.plain

rc4.plain

Targets

- Target
  
  b48aa7fe83538a4f46e6d92376b97415
- Size
  
  575KB
- MD5
  
  b48aa7fe83538a4f46e6d92376b97415
- SHA1
  
  27abd37894b28ec204848c4af44d745689a138d7
- SHA256
  
  9ab3fd9a10978aa74e17f836865f7b97d9db2f755d22e96b851767cdf810a978
- SHA512
  
  3c51db18bf63e47257085b63822788f0505126126d00f4e93622c437ba20b3e3fe662171e17571188ac9a64fd6f6307dc2f33d226c866c6700bd3acb944726be
- SSDEEP
  
  12288:ZQttSVx2VAI9w5Mpn/9baiPdRxz/R40RO9YzgybvZj3+4WIyQDuvF:Zr2VAIJJacJ7RMqg+j3+4HDuvF
Score

10^/10

raccoon 47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295stealer

behavioral2

raccoon47d7804050cf1a9fc16d1a8d1e7fe8a3660b9295stealer