raccoon | 5a8836d0ec8f7e56ab006e62d12403efe74a3e1962eab06329f795feb1ff11e9 | Triage

Sharing

General

Target

d4f8127360d5cd7e1f6a10d3dfbba6d4
Size

899KB
Sample

240319-crfjqsef99
MD5

d4f8127360d5cd7e1f6a10d3dfbba6d4
SHA1

b0abd21c3cfaaf3ccb905b88737e8c3e45de16fc
SHA256

5a8836d0ec8f7e56ab006e62d12403efe74a3e1962eab06329f795feb1ff11e9
SHA512

bda6b585b30ae58d6eaaede3d8b4eef1acdb453eaf17fb121eb8982ce5abb8abf65645122855ab5228aa2494a4c3d8344a39b1b4fc1dc466f6babec8f0db94a2
SSDEEP

24576:A4c3+VbG0AOOy8GxNCg/sHiu+uwWggp0FF8V3:Acs0lOwx/kCUp0Fi

Score

10^/10

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

d7b6e0cee1cd813ad40c812cf45171cf0360e249

Attributes

url4cnc
https://telete.in/mimipanera11

rc4.plain

rc4.plain

Targets

- Target
  
  d4f8127360d5cd7e1f6a10d3dfbba6d4
- Size
  
  899KB
- MD5
  
  d4f8127360d5cd7e1f6a10d3dfbba6d4
- SHA1
  
  b0abd21c3cfaaf3ccb905b88737e8c3e45de16fc
- SHA256
  
  5a8836d0ec8f7e56ab006e62d12403efe74a3e1962eab06329f795feb1ff11e9
- SHA512
  
  bda6b585b30ae58d6eaaede3d8b4eef1acdb453eaf17fb121eb8982ce5abb8abf65645122855ab5228aa2494a4c3d8344a39b1b4fc1dc466f6babec8f0db94a2
- SSDEEP
  
  24576:A4c3+VbG0AOOy8GxNCg/sHiu+uwWggp0FF8V3:Acs0lOwx/kCUp0Fi
Score

10^/10

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoond7b6e0cee1cd813ad40c812cf45171cf0360e249stealer

behavioral2

raccoond7b6e0cee1cd813ad40c812cf45171cf0360e249stealer