Overview

overview

10

Static

static

7

4cadc0b0cd...18.exe

windows7-x64

10

4cadc0b0cd...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-03-2024 04:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4cadc0b0cd85417fe70f2583f52071ac_JaffaCakes118.exe

  • Size

    3.9MB

  • MD5

    4cadc0b0cd85417fe70f2583f52071ac

  • SHA1

    48b440f6950b6b93ed74e1c601aed0305a42eb97

  • SHA256

    63635fdc404676476f882882cbb2025bf2d769cc8f9f3d7f5f9a53f8a2cfc9af

  • SHA512

    5f341905cb34182c729f59df1a36a99cb1b866448c3d7c78fcf50be34c16a1f9e0fbe3a1574dc839bf601a01751b664754039b89aed51922f791d136f95ba06b

  • SSDEEP

    98304:r5/Yv2hE+JH81NsoApCiQ+xxMbfCgt+aYJkucTp/:9QvR+UNszIikp+aYJbcTp

Score
10/10
raccoonstealervmprotect

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 1 IoCs
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\4cadc0b0cd85417fe70f2583f52071ac_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4cadc0b0cd85417fe70f2583f52071ac_JaffaCakes118.exe"
    1⤵
      PID:404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/404-0-0x0000000000600000-0x0000000000C06000-memory.dmp

      Filesize

      6.0MB

      Download