raccoon | ecd0bbedfde9878654fdde7fcfa7be4f710c1c4874b958e68521375d613cd63d | Triage

Sharing

General

Target

628-56-0x0000000000400000-0x0000000001B40000-memory.dmp
Size

23.2MB
Sample

240314-whnzasag3w
MD5

0bfa570a512179f32561ede33fa879e9
SHA1

27d014e24812a76a7dd0d685b9695fb5e9872821
SHA256

ecd0bbedfde9878654fdde7fcfa7be4f710c1c4874b958e68521375d613cd63d
SHA512

1115b125a2e3b6232f704a0095826906af6e63a890942d07689266b58b9645bedeebbfdd3cd71d76e47ac7118464cc335d9ac6332f408b13b1cef18474c8269d
SSDEEP

6144:YMKFJFSvGpDbnD6suIhfQFTlPPpMsTbA:BKLFzpH7Ns9t

Score

10^/10

raccoon 3c85f6d12f0866626b35b64056ce8880

Malware Config

Extracted

Family

raccoon

Botnet

3c85f6d12f0866626b35b64056ce8880

C2

http://5.78.98.26:8088/

Attributes

user_agent
DuckTales

xor.plain

Targets

- Target
  
  628-56-0x0000000000400000-0x0000000001B40000-memory.dmp
- Size
  
  23.2MB
- MD5
  
  0bfa570a512179f32561ede33fa879e9
- SHA1
  
  27d014e24812a76a7dd0d685b9695fb5e9872821
- SHA256
  
  ecd0bbedfde9878654fdde7fcfa7be4f710c1c4874b958e68521375d613cd63d
- SHA512
  
  1115b125a2e3b6232f704a0095826906af6e63a890942d07689266b58b9645bedeebbfdd3cd71d76e47ac7118464cc335d9ac6332f408b13b1cef18474c8269d
- SSDEEP
  
  6144:YMKFJFSvGpDbnD6suIhfQFTlPPpMsTbA:BKLFzpH7Ns9t
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

3c85f6d12f0866626b35b64056ce8880raccoon

behavioral1

behavioral2