raccoon | e45562980424366481dbd17982b5773aa120d0c6410a0d45ef4daa156ca7c478

Analysis

max time kernel
141s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04-04-2024 19:48

Target

c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe
Size

582KB
MD5

c130ac321d6f5d08fdcfea1ee0a98b87
SHA1

f65373f4eaf8fe94a96901a85a2ce0a214747ad6
SHA256

e45562980424366481dbd17982b5773aa120d0c6410a0d45ef4daa156ca7c478
SHA512

4566161595cf570ba6f85386444c83d2b8c1a89ef194ba0d66b70dc9091c7c37810a4d2b7644f414171c9a9c102d972b20868935882ae654ffeaaa83f0b17c71
SSDEEP

12288:Z1GO+R4yXP9NsHqJH1U3fJ9XniH+gkoMCR0QoUPHErJTZg83CJWDwEQm:Z1GO41XP9mHI+x93ienCpoDZg83D1

Score

10^/10

raccoon stealer

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 4 IoCs

resource	yara_rule
behavioral1/memory/2096-2-0x0000000000270000-0x00000000002FE000-memory.dmp	family_raccoon_v1
behavioral1/memory/2096-3-0x0000000000400000-0x00000000007C3000-memory.dmp	family_raccoon_v1
behavioral1/memory/2096-7-0x0000000000270000-0x00000000002FE000-memory.dmp	family_raccoon_v1
behavioral1/memory/2096-16-0x0000000000400000-0x00000000007C3000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe"
1⤵
PID:2096

memory/2096-1-0x00000000009A0000-0x0000000000AA0000-memory.dmp

Filesize
1024KB

Download
memory/2096-2-0x0000000000270000-0x00000000002FE000-memory.dmp

Filesize
568KB

Download
memory/2096-3-0x0000000000400000-0x00000000007C3000-memory.dmp

Filesize
3.8MB

Download
memory/2096-5-0x00000000009A0000-0x0000000000AA0000-memory.dmp

Filesize
1024KB

Download
memory/2096-7-0x0000000000270000-0x00000000002FE000-memory.dmp

Filesize
568KB

Download
memory/2096-16-0x0000000000400000-0x00000000007C3000-memory.dmp

Filesize
3.8MB

Download