raccoon | fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

fc1144011b...c4.exe

windows7-x64

fc1144011b...c4.exe

windows10-2004-x64

Sharing

General

Target

fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4
Size

4.3MB
Sample

240331-arr7esag67
MD5

510cd4f544d00529e671de7d1fad03c6
SHA1

44c2bd2760b08b2bfcfb9046b9e64fb17358b549
SHA256

fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4
SHA512

bde6c817f1cf094ece325530dd32c1edd1e9791b310a584efb08dd68ef37b62a251e03fe01d83bf03b6b016c9af657c33183a3e5372b9e01dfb82b7d7cde6a45
SSDEEP

98304:KceTryEOm9enGuC3PqzKach5Ohb3WgxGjqZi+YuWF8ZxRWfsAaipY2:+nRN9eq3PvNh5OhbGgxFg+BWF8Dj4

Score

10^/10

raccoon 21afed884343422099404c3331adc81c stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4.exe

Resource

win7-20240221-en

raccoon 21afed884343422099404c3331adc81c stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4.exe

Resource

win10v2004-20240226-en

raccoon 21afed884343422099404c3331adc81c stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

21afed884343422099404c3331adc81c

C2

http://89.238.170.230:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4
- Size
  
  4.3MB
- MD5
  
  510cd4f544d00529e671de7d1fad03c6
- SHA1
  
  44c2bd2760b08b2bfcfb9046b9e64fb17358b549
- SHA256
  
  fc1144011bf9b932042f8d7f685a8965245d781d48815bf6d4309bf89f424fc4
- SHA512
  
  bde6c817f1cf094ece325530dd32c1edd1e9791b310a584efb08dd68ef37b62a251e03fe01d83bf03b6b016c9af657c33183a3e5372b9e01dfb82b7d7cde6a45
- SSDEEP
  
  98304:KceTryEOm9enGuC3PqzKach5Ohb3WgxGjqZi+YuWF8ZxRWfsAaipY2:+nRN9eq3PvNh5OhbGgxFg+BWF8Dj4
Score

10^/10

raccoon 21afed884343422099404c3331adc81c stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Detects executables containing SQL queries to confidential data stores. Observed in infostealers
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon21afed884343422099404c3331adc81cstealer

behavioral2

raccoon21afed884343422099404c3331adc81cstealer

© 2018-2025

Terms | Privacy