General

  • Target

    ce87ae25dbd1de55f8b0d59d2939a52f

  • Size

    492KB

  • Sample

    240316-t47bnagf79

  • MD5

    ce87ae25dbd1de55f8b0d59d2939a52f

  • SHA1

    5f7d096772a4685e82e5af62c73871be2b98509e

  • SHA256

    95869c20796b86d9a880de050a2b5bbec8a4b4f45abc92e15e34778ad8f5a9b8

  • SHA512

    4de19b80e7ccd49aece0900fb97c50b74dd72c0ec70a930c173e0cdc7b7964a64e31dba28f3842aa151bfe3fd897cb0dbbe9394c6773258b1565a57b528fbf04

  • SSDEEP

    12288:gRVolC4oPJpm/i9svYzZp91B/ebxbgolx51o/zt4/vz:wolexevYzH9j/Qxro/zti

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

cd8dc1031358b1aec55cc6bc447df1018b068607

Attributes
  • url4cnc

    https://telete.in/jagressor_kz

rc4.plain
rc4.plain

Targets

    • Target

      ce87ae25dbd1de55f8b0d59d2939a52f

    • Size

      492KB

    • MD5

      ce87ae25dbd1de55f8b0d59d2939a52f

    • SHA1

      5f7d096772a4685e82e5af62c73871be2b98509e

    • SHA256

      95869c20796b86d9a880de050a2b5bbec8a4b4f45abc92e15e34778ad8f5a9b8

    • SHA512

      4de19b80e7ccd49aece0900fb97c50b74dd72c0ec70a930c173e0cdc7b7964a64e31dba28f3842aa151bfe3fd897cb0dbbe9394c6773258b1565a57b528fbf04

    • SSDEEP

      12288:gRVolC4oPJpm/i9svYzZp91B/ebxbgolx51o/zt4/vz:wolexevYzH9j/Qxro/zti

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

MITRE ATT&CK Matrix ATT&CK v13

  • Defense Evasion

    • Subvert Trust Controls (T1553): 1

    • Install Root Certificate (T1553.004): 1

    • Modify Registry (T1112): 1

Tasks