General

  • Target

    cd2dda475065ca19a87fef773d29837c

  • Size

    1.5MB

  • Sample

    240316-fqe4csee52

  • MD5

    cd2dda475065ca19a87fef773d29837c

  • SHA1

    03681c4ba67b25814f388a9ec2331681a104da06

  • SHA256

    86be7e271ff5976401fab7697d671398ce7612b461326b60bd7c5cf82d5dd413

  • SHA512

    bc1a0d0ce804415a7ad6b35ce738145d2417c21bb53c6d803864fc67d96e8dd79b4cb17edd3dd149cdefaf36a9772a21fea1c092bfd73eeea1ee0942d64f7402

  • SSDEEP

    24576:u7WyfNGtTHMF+WNxccRzp6RXiAmJD+1ueBUUIYkBC:oHGBsF+SxF96hiVC1zBUhA

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

7ffdc0de40d09810438d04c4d2b8f65bca253baf

Attributes

  • url4cnc

    https://telete.in/happyteslafalcon

  • rc4.plain

  • rc4.plain

Targets

    • Target

      cd2dda475065ca19a87fef773d29837c

    • Size

      1.5MB

    • MD5

      cd2dda475065ca19a87fef773d29837c

    • SHA1

      03681c4ba67b25814f388a9ec2331681a104da06

    • SHA256

      86be7e271ff5976401fab7697d671398ce7612b461326b60bd7c5cf82d5dd413

    • SHA512

      bc1a0d0ce804415a7ad6b35ce738145d2417c21bb53c6d803864fc67d96e8dd79b4cb17edd3dd149cdefaf36a9772a21fea1c092bfd73eeea1ee0942d64f7402

    • SSDEEP

      24576:u7WyfNGtTHMF+WNxccRzp6RXiAmJD+1ueBUUIYkBC:oHGBsF+SxF96hiVC1zBUhA

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks