raccoon | 2649b5677712eede2280e3e7a8bca84561c14fba82c99b291619d1b91005c8e4 | Triage

Submit
Reports

Overview

overview

Static

static

3

d35e7ff5f6...84.exe

windows7-x64

d35e7ff5f6...84.exe

windows10-2004-x64

Sharing

General

Target

d35e7ff5f6287ff8b7fcf92ea41bf684
Size

6.0MB
Sample

240318-nd8txafd84
MD5

d35e7ff5f6287ff8b7fcf92ea41bf684
SHA1

ee2165c01ab97a8f626ff3c20441c75b3ad1d988
SHA256

2649b5677712eede2280e3e7a8bca84561c14fba82c99b291619d1b91005c8e4
SHA512

4355a46578bada0c63b9f310007d9e363267bbb3e43c13fc97e03ec14763c5be9e081bd554601709ee076b43595d14e6c3e3c0d0d9d63cb1885b0232f78ad716
SSDEEP

12288:tzABi//umuZS/7EFuMRyKaqbH7QN9m82Eeyd8LCx+ZrHfYidPg904AX0dJKwkPpO:t

Score

10^/10

raccoon 6f7860809c204056192cc56f58efac7d28e0da9b stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d35e7ff5f6287ff8b7fcf92ea41bf684.exe

Resource

win7-20240221-en

raccoon 6f7860809c204056192cc56f58efac7d28e0da9b stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

d35e7ff5f6287ff8b7fcf92ea41bf684.exe

Resource

win10v2004-20231215-en

raccoon 6f7860809c204056192cc56f58efac7d28e0da9b stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

6f7860809c204056192cc56f58efac7d28e0da9b

Attributes

url4cnc
https://telete.in/hobaoparunjohnyrun2

rc4.plain

rc4.plain

Targets

- Target
  
  d35e7ff5f6287ff8b7fcf92ea41bf684
- Size
  
  6.0MB
- MD5
  
  d35e7ff5f6287ff8b7fcf92ea41bf684
- SHA1
  
  ee2165c01ab97a8f626ff3c20441c75b3ad1d988
- SHA256
  
  2649b5677712eede2280e3e7a8bca84561c14fba82c99b291619d1b91005c8e4
- SHA512
  
  4355a46578bada0c63b9f310007d9e363267bbb3e43c13fc97e03ec14763c5be9e081bd554601709ee076b43595d14e6c3e3c0d0d9d63cb1885b0232f78ad716
- SSDEEP
  
  12288:tzABi//umuZS/7EFuMRyKaqbH7QN9m82Eeyd8LCx+ZrHfYidPg904AX0dJKwkPpO:t
Score

10^/10

raccoon 6f7860809c204056192cc56f58efac7d28e0da9b stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon6f7860809c204056192cc56f58efac7d28e0da9bstealer

behavioral2

raccoon6f7860809c204056192cc56f58efac7d28e0da9bstealer

© 2018-2025

Terms | Privacy