raccoon | 4534091eb38b64fa82a5198841c841beec6f567fdf42b41a2b8b8781adc54805 | Triage

Analysis

max time kernel
147s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
11/03/2024, 23:22

Sharing

Report Analysis Logs

General

Target

c1dd4c4702377c14c9dcc26a9f6475dc.exe
Size

539KB
MD5

c1dd4c4702377c14c9dcc26a9f6475dc
SHA1

747d5c952683a56a94781d42f33b5d899d548f44
SHA256

4534091eb38b64fa82a5198841c841beec6f567fdf42b41a2b8b8781adc54805
SHA512

10ecb38883b1a03ed1d6046f0cc7d5c5923f1d88c21b18f5b505fad98c8b3a6828acf44551b4bceb4be289af3911c9cac66d4b7e06a26424c608a0835002b4f2
SSDEEP

12288:+IPsih9tp/crz1Uzlr6QHLvzYa77/DRlCa4cV:vs8p/Gz1W56kLvP77mHs

Score

10^/10

raccoon stealer

Malware Config

Signatures

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 3 IoCs

resource	yara_rule
behavioral2/memory/408-1-0x0000000004A30000-0x0000000004AC2000-memory.dmp	family_raccoon_v1
behavioral2/memory/408-2-0x0000000000400000-0x0000000004805000-memory.dmp	family_raccoon_v1
behavioral2/memory/408-4-0x0000000004A30000-0x0000000004AC2000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\c1dd4c4702377c14c9dcc26a9f6475dc.exe
"C:\Users\Admin\AppData\Local\Temp\c1dd4c4702377c14c9dcc26a9f6475dc.exe"
1⤵
PID:408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/408-0-0x00000000048E0000-0x0000000004930000-memory.dmp

Filesize
320KB

Download
memory/408-1-0x0000000004A30000-0x0000000004AC2000-memory.dmp

Filesize
584KB

Download
memory/408-2-0x0000000000400000-0x0000000004805000-memory.dmp

Filesize
68.0MB

Download
memory/408-4-0x0000000004A30000-0x0000000004AC2000-memory.dmp

Filesize
584KB

Download