Overview

overview

10

Static

static

3

d1df925bb7...8a.exe

windows7-x64

10

d1df925bb7...8a.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/03/2024, 21:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1df925bb71198bc73a8a6a3b2c9718a.exe

  • Size

    497KB

  • MD5

    d1df925bb71198bc73a8a6a3b2c9718a

  • SHA1

    52daaa5ef8e8df0d71c4d846ea243ac74c7c32e6

  • SHA256

    a6f0dc73e69c768ad702394dc9250700e54e3439a9adb609b119292f70200522

  • SHA512

    acbb0beee1a795aa42667693998efd23304182793eabfdc22e9102d78c8f45b34dcb1677bc286b58ba8ce0aca12781ad1580df1665f3e80fe8cc8635e4e8cc25

  • SSDEEP

    12288:EhuAaTmefxMmGyU32gKFN0YR7rjks62d629+j+RkPs5BM9S:XAa3knJAeyjj9J91C

Score
10/10
raccoon093fc32b9e79472deedeb85910e1cd0f5f2b85bfstealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

093fc32b9e79472deedeb85910e1cd0f5f2b85bf

Attributes
  • url4cnc

    https://telete.in/newmanwaterwall

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d1df925bb71198bc73a8a6a3b2c9718a.exe
    "C:\Users\Admin\AppData\Local\Temp\d1df925bb71198bc73a8a6a3b2c9718a.exe"
    1⤵
      PID:2572

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2572-1-0x0000000000600000-0x0000000000700000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2572-2-0x00000000020A0000-0x0000000002133000-memory.dmp

      Filesize

      588KB

      Download

    • memory/2572-3-0x0000000000400000-0x0000000000496000-memory.dmp

      Filesize

      600KB

      Download

    • memory/2572-4-0x0000000000400000-0x0000000000496000-memory.dmp

      Filesize

      600KB

      Download

    • memory/2572-6-0x0000000000600000-0x0000000000700000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2572-7-0x00000000020A0000-0x0000000002133000-memory.dmp

      Filesize

      588KB

      Download