Overview

overview

10

Static

static

3

6cf1df06dc...63.exe

windows7-x64

10

6cf1df06dc...63.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6cf1df06dc076ebe0342f476a1ce4d96cfb640cd784e8f1b70b6fc2586414263

  • Size

    14.6MB

  • Sample

    240322-ts9bwafh8w

  • MD5

    f9a34f9c672f831c5898fe9a4a9e34ad

  • SHA1

    57810cf2e21035038b54d898173731ef13823f5d

  • SHA256

    6cf1df06dc076ebe0342f476a1ce4d96cfb640cd784e8f1b70b6fc2586414263

  • SHA512

    1dd2838315841185ab89adf7b53a735d6113827a9b61cf1428c4b2a1aaf75bb838c3c47558e6c47e1433689c80fc328224400cd50826bc2335b3160b3b90db90

  • SSDEEP

    196608:RGx8sHLDmin1/iVtC1acJlZ/dY8o+6AHun0ejyX/fT8X7gDd9PyeOSWk/CeGjfp:EbUtCBlZ19RuzyX/r8rgDvlOdk8

Score
10/10
raccoon23883deb102ef0839fbfe8fcef1a5fc7stealer

Malware Config

Extracted

Family

raccoon

Botnet

23883deb102ef0839fbfe8fcef1a5fc7

C2

http://83.217.11.6

http://37.220.87.69

http://83.217.11.14
Attributes
  • user_agent

    B1D3N_RIM_MY_ASS

xor.plain

Targets

    • Target

      6cf1df06dc076ebe0342f476a1ce4d96cfb640cd784e8f1b70b6fc2586414263

    • Size

      14.6MB

    • MD5

      f9a34f9c672f831c5898fe9a4a9e34ad

    • SHA1

      57810cf2e21035038b54d898173731ef13823f5d

    • SHA256

      6cf1df06dc076ebe0342f476a1ce4d96cfb640cd784e8f1b70b6fc2586414263

    • SHA512

      1dd2838315841185ab89adf7b53a735d6113827a9b61cf1428c4b2a1aaf75bb838c3c47558e6c47e1433689c80fc328224400cd50826bc2335b3160b3b90db90

    • SSDEEP

      196608:RGx8sHLDmin1/iVtC1acJlZ/dY8o+6AHun0ejyX/fT8X7gDd9PyeOSWk/CeGjfp:EbUtCBlZ19RuzyX/r8rgDvlOdk8

    Score
    10/10
    raccoon23883deb102ef0839fbfe8fcef1a5fc7stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer V2 payload

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks