raccoon | bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4 | Triage

Submit
Reports

Overview

overview

Static

static

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4
Size

8.4MB
Sample

240319-xfdwzscc9w
MD5

d38e84427edbc6789f1bb12ae69c6dc5
SHA1

718aa1778e1ad4a23b53adea4dbabeeb39b89f94
SHA256

bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4
SHA512

271966fc13137d5cda7eb9283c3c9c77361dd10d37eef713d0ac9c08326d930c1202d7470f1f2ad9e66f2a798354f09ce846139a8e2ca2b91d7719c215a68948
SSDEEP

98304:RzGZYB1meYcQQshYrU2wlGPLZJ4B5E4DFUakgnUmgQoQLfZNlT3/Msj:RMYPKhYrU2JPViBrzbgQo0/Msj

Score

10^/10

raccoon 389593f81b3f42bba8df3fcd0c7e358f stealer

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4.exe

Resource

win10v2004-20240226-en

raccoon 389593f81b3f42bba8df3fcd0c7e358f stealer

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4.exe

Resource

win11-20240221-en

raccoon 389593f81b3f42bba8df3fcd0c7e358f stealer

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

389593f81b3f42bba8df3fcd0c7e358f

C2

http://45.15.156.227/

Attributes

user_agent
901785252112

xor.plain

Targets

- Target
  
  bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4
- Size
  
  8.4MB
- MD5
  
  d38e84427edbc6789f1bb12ae69c6dc5
- SHA1
  
  718aa1778e1ad4a23b53adea4dbabeeb39b89f94
- SHA256
  
  bd4e3e2c455b2322b4b874a319a14c638e6b567c7c1e83edc839ac05aee1a6a4
- SHA512
  
  271966fc13137d5cda7eb9283c3c9c77361dd10d37eef713d0ac9c08326d930c1202d7470f1f2ad9e66f2a798354f09ce846139a8e2ca2b91d7719c215a68948
- SSDEEP
  
  98304:RzGZYB1meYcQQshYrU2wlGPLZJ4B5E4DFUakgnUmgQoQLfZNlT3/Msj:RMYPKhYrU2JPViBrzbgQo0/Msj
Score

10^/10

raccoon 389593f81b3f42bba8df3fcd0c7e358f stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon389593f81b3f42bba8df3fcd0c7e358fstealer

behavioral2

raccoon389593f81b3f42bba8df3fcd0c7e358fstealer

© 2018-2025

Terms | Privacy