raccoon | fee83b417fef1503b9107eca4dd77b23e68066b49dcd0ec8dc23bca197575b12 | Triage

Submit
Reports

Overview

overview

Static

static

3

c0bb63dd4c...66.exe

windows7-x64

c0bb63dd4c...66.exe

windows10-2004-x64

Sharing

General

Target

c0bb63dd4cb7e09fed8ac253c05d6666
Size

28.8MB
Sample

240311-qz519agb93
MD5

c0bb63dd4cb7e09fed8ac253c05d6666
SHA1

270af337cebb05822fc02046b849626b0d773528
SHA256

fee83b417fef1503b9107eca4dd77b23e68066b49dcd0ec8dc23bca197575b12
SHA512

c660c97c1cea1826011d0d429ac0f8aaec719f7df59b50206a5aafda0ee6e7592b1ebdfc6cc767a68e711eb331782a648df0e306214e10d99da5f71a55f8e1bf
SSDEEP

786432:6IXRMHC78lK7s5LRbjpDmmxWMMJwB+XphB+HJQp6yUIKqB7:nRMHC6dtjMOWMH4hEU3D7

Score

10^/10

raccoon 7d45004cd75c003e1e509249826aef9c581bfc4a stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c0bb63dd4cb7e09fed8ac253c05d6666.exe

Resource

win7-20240221-en

raccoon 7d45004cd75c003e1e509249826aef9c581bfc4a stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0bb63dd4cb7e09fed8ac253c05d6666.exe

Resource

win10v2004-20240226-en

raccoon 7d45004cd75c003e1e509249826aef9c581bfc4a stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

7d45004cd75c003e1e509249826aef9c581bfc4a

Attributes

url4cnc
https://t.me/mohibrainos

rc4.plain

rc4.plain

Targets

- Target
  
  c0bb63dd4cb7e09fed8ac253c05d6666
- Size
  
  28.8MB
- MD5
  
  c0bb63dd4cb7e09fed8ac253c05d6666
- SHA1
  
  270af337cebb05822fc02046b849626b0d773528
- SHA256
  
  fee83b417fef1503b9107eca4dd77b23e68066b49dcd0ec8dc23bca197575b12
- SHA512
  
  c660c97c1cea1826011d0d429ac0f8aaec719f7df59b50206a5aafda0ee6e7592b1ebdfc6cc767a68e711eb331782a648df0e306214e10d99da5f71a55f8e1bf
- SSDEEP
  
  786432:6IXRMHC78lK7s5LRbjpDmmxWMMJwB+XphB+HJQp6yUIKqB7:nRMHC6dtjMOWMH4hEU3D7
Score

10^/10

raccoon 7d45004cd75c003e1e509249826aef9c581bfc4a stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon7d45004cd75c003e1e509249826aef9c581bfc4astealer

behavioral2

raccoon7d45004cd75c003e1e509249826aef9c581bfc4astealer

© 2018-2025

Terms | Privacy