General

  • Target

    de2492f2a4cf4a3018e3e4814bf40895

  • Size

    486KB

  • Sample

    240325-qzqlkace7s

  • MD5

    de2492f2a4cf4a3018e3e4814bf40895

  • SHA1

    4ec461c3c639b9a8db0a2f8224c490ac9681964b

  • SHA256

    c3ccce1b034afe8dfd13db2057d97c84060edec3ddcf9db8b93f8d9bbb089cb7

  • SHA512

    b9d63b79a02879c5e835f108703512a1b12aa82cafedbc1243a7a9f99e862565fc6cd6e35e0e4c17a4fee2ac4c03fec45331d1eef1c2b6fad954d51fce1ffac1

  • SSDEEP

    12288:kBLPOI/Sop5gPSR3I8LYWhOcdn6oroBJLK1k:kB3qocPSR3TYwOV/TLK1k

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

04d511fa4566fa4f749bc15a75b397df3548d126

Attributes

  • url4cnc

    https://t.me/lalaeuro4i4a

  • rc4.plain

  • rc4.plain

Targets

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload

  • Suspicious use of SetThreadContext
