raccoon | e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

e4deb9b392...f7.exe

windows7-x64

e4deb9b392...f7.exe

windows10-2004-x64

Sharing

General

Target

e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7
Size

3.6MB
Sample

240330-3zj51aac78
MD5

c9c5e96b74ae38dff42a998e5ac7cc8e
SHA1

fb3d9bc8d612325adea6d95e61748dfe149a4e0c
SHA256

e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7
SHA512

829cdae8c5223b615b48a1b23153c767d6130042cd898edb32b2f9a28f241270a32f3e04a5858f50e8233222e7d0e1fe515694ca1ad7ae72925a7fcc0c99d5d0
SSDEEP

98304:I34AQwo/KgFP195Ok9P+VSeC47gpuxbswnBx0OE9:IIBF13xP+1C47gMgwnBNE9

Score

10^/10

raccoon 21afed884343422099404c3331adc81c stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7.exe

Resource

win7-20240221-en

raccoon 21afed884343422099404c3331adc81c stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7.exe

Resource

win10v2004-20240226-en

raccoon 21afed884343422099404c3331adc81c stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

21afed884343422099404c3331adc81c

C2

http://89.238.170.230:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7
- Size
  
  3.6MB
- MD5
  
  c9c5e96b74ae38dff42a998e5ac7cc8e
- SHA1
  
  fb3d9bc8d612325adea6d95e61748dfe149a4e0c
- SHA256
  
  e4deb9b39299696eacccddadf26db3fa070601a6293b6f09be95ca32c91188f7
- SHA512
  
  829cdae8c5223b615b48a1b23153c767d6130042cd898edb32b2f9a28f241270a32f3e04a5858f50e8233222e7d0e1fe515694ca1ad7ae72925a7fcc0c99d5d0
- SSDEEP
  
  98304:I34AQwo/KgFP195Ok9P+VSeC47gpuxbswnBx0OE9:IIBF13xP+1C47gMgwnBNE9
Score

10^/10

raccoon 21afed884343422099404c3331adc81c stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Detects executables containing SQL queries to confidential data stores. Observed in infostealers
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon21afed884343422099404c3331adc81cstealer

behavioral2

raccoon21afed884343422099404c3331adc81cstealer

© 2018-2025

Terms | Privacy