General

  • Target

    e31b4ad4f380e7007a2ca2f754a7f9f6_JaffaCakes118

  • Size

    545KB

  • Sample

    240406-x7vc2sgg9t

  • MD5

    e31b4ad4f380e7007a2ca2f754a7f9f6

  • SHA1

    15e66ee8e4e0ced52142a50e3baeb7f4a1cca712

  • SHA256

    fc67f471e99bae90d4dc256384bc8b3f29dfe2f0aa15e172057e1c8e083af74f

  • SHA512

    87070a391d273b79c1aedf5186d2d9a69ee59bc936ecd94627db6e580ab8ba0994b4b8d3d4df42a2e08f6940ebbc86b0d3006aecbdb710dbb6b0570af808617d

  • SSDEEP

    12288:uirZ3mcxsLZe/ZasZrOEMugcVjy2PzmD+m2x6RYha:u4Fmcx7rMudVVPiD+6RYha

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

0b83cb02a824f2d53c99cfc8fd4a2d84bbe799ea

Attributes
  • url4cnc

    https://telete.in/bibisberont

  • rc4.plain

  • rc4.plain
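The url4cnc attribute above is the Telegram-mirror page (telete.in) from which Raccoon 1.x fetches its real C2 address, so that URL, together with the file hashes, is what a responder would sweep for first. The following is an added example written for this report, not code from the sandbox or from the malware: it loads the hashes and the dead-drop URL exactly as listed above, checks a candidate file against all four digests, and scans constructed Squid-style proxy log lines for requests to the dead-drop page, matching on host and path rather than the raw string so that case and trailing-slash variations still hit. The log lines and client IPs are made up for the example.

```python
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "e31b4ad4f380e7007a2ca2f754a7f9f6",
    "sha1": "15e66ee8e4e0ced52142a50e3baeb7f4a1cca712",
    "sha256": "fc67f471e99bae90d4dc256384bc8b3f29dfe2f0aa15e172057e1c8e083af74f",
    "sha512": "87070a391d273b79c1aedf5186d2d9a69ee59bc936ecd94627db6e580ab8ba0994b4b8d3d4df42a2e08f6940ebbc86b0d3006aecbdb710dbb6b0570af808617d",
}
URL4CNC = "https://telete.in/bibisberont"          # Telegram-mirror dead drop from the config
BOTNET_ID = "0b83cb02a824f2d53c99cfc8fd4a2d84bbe799ea"


def hash_file_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True only if every listed digest matches; one mismatch means a different file."""
    digests = hash_file_bytes(data)
    return all(digests[name] == value for name, value in SAMPLE_HASHES.items())


# Normalise the dead-drop URL once; compare host + path, not the raw string.
_DEAD_DROP = urlparse(URL4CNC)
_DEAD_DROP_HOST = (_DEAD_DROP.hostname or "").lower()
_DEAD_DROP_PATH = _DEAD_DROP.path.rstrip("/").lower()


def is_dead_drop_request(url: str) -> bool:
    """Does this request URL point at the Telegram-mirror page from the config?"""
    p = urlparse(url.strip())
    host = (p.hostname or "").lower()
    path = p.path.rstrip("/").lower()
    return host == _DEAD_DROP_HOST and path == _DEAD_DROP_PATH


# Constructed Squid access-log lines (not real traffic):
# timestamp elapsed client action/code size method url user hierarchy type
SAMPLE_PROXY_LOG = """\
1712400000.123 45 10.0.0.5 TCP_MISS/200 3512 GET https://telete.in/bibisberont - HIER_DIRECT/1.2.3.4 text/html
1712400001.500 12 10.0.0.5 TCP_MISS/200 812 GET https://www.example.com/index.html - HIER_DIRECT/5.6.7.8 text/html
1712400002.010 40 10.0.0.9 TCP_MISS/200 3512 GET https://TELETE.IN/bibisberont/ - HIER_DIRECT/1.2.3.4 text/html
1712400003.777 15 10.0.0.5 TCP_MISS/200 512 GET https://telete.in/someotherchannel - HIER_DIRECT/1.2.3.4 text/html
"""

_LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+\S+\s+(?P<client>\S+)\s+\S+\s+\S+\s+(?P<method>\S+)\s+(?P<url>\S+)"
)


def find_dead_drop_clients(log_text: str) -> list:
    """Return (client_ip, url) for every proxy-log line that fetched the dead drop."""
    hits = []
    for line in log_text.splitlines():
        m = _LOG_RE.match(line)
        if m and is_dead_drop_request(m.group("url")):
            hits.append((m.group("client"), m.group("url")))
    return hits


if __name__ == "__main__":
    for client, url in find_dead_drop_clients(SAMPLE_PROXY_LOG):
        print(f"{client} fetched Raccoon dead drop {url} (botnet {BOTNET_ID})")
```

A hit on the dead-drop page is a stronger lead than a hash match: the hash only catches this exact build, whereas any Raccoon 1.x sample configured with the same channel will fetch the same telete.in path. The page does not show the RC4 key values, so decryption of what the channel returns is out of scope here.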

Targets

    • Target

      e31b4ad4f380e7007a2ca2f754a7f9f6_JaffaCakes118

    • Size

      545KB

    • MD5

      e31b4ad4f380e7007a2ca2f754a7f9f6

    • SHA1

      15e66ee8e4e0ced52142a50e3baeb7f4a1cca712

    • SHA256

      fc67f471e99bae90d4dc256384bc8b3f29dfe2f0aa15e172057e1c8e083af74f

    • SHA512

      87070a391d273b79c1aedf5186d2d9a69ee59bc936ecd94627db6e580ab8ba0994b4b8d3d4df42a2e08f6940ebbc86b0d3006aecbdb710dbb6b0570af808617d

    • SSDEEP

      12288:uirZ3mcxsLZe/ZasZrOEMugcVjy2PzmD+m2x6RYha:u4Fmcx7rMudVVPiD+6RYha

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Suspicious use of SetThreadContext
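The SetThreadContext signature is the usual marker for process hollowing: the loader starts a benign host process suspended, unmaps or overwrites its image, points the primary thread's context at the injected payload with SetThreadContext, and resumes it. SetThreadContext on its own is not malicious (debuggers and exception handling use it), which is why the signature says "suspicious use": the value comes from correlating it with a preceding CreateProcess(CREATE_SUSPENDED) and WriteProcessMemory on the same child. The detector below is an added example, not the sandbox's own signature logic; it runs over constructed API-trace lines in a simple "pid api key=value" form (made up for the example, with thread IDs standing in for handles) and only alerts when those stages line up for one creator/child pair.

```python
import re
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit from CreateProcess

# Constructed API-trace lines (not real sandbox output). Handles are written as
# the IDs they refer to so the example stays readable.
SAMPLE_TRACE = """\
1000 CreateProcessW lpApplicationName=C:\\Windows\\System32\\svchost.exe dwCreationFlags=0x4 ProcessId=1200 ThreadId=1201
1000 NtUnmapViewOfSection ProcessHandle=1200 BaseAddress=0x400000
1000 VirtualAllocEx ProcessHandle=1200 Size=0x85000 Protect=0x40
1000 WriteProcessMemory ProcessHandle=1200 BaseAddress=0x400000 Size=0x85000
1000 GetThreadContext ThreadHandle=1201
1000 SetThreadContext ThreadHandle=1201
1000 ResumeThread ThreadHandle=1201
2000 CreateProcessW lpApplicationName=C:\\Windows\\System32\\notepad.exe dwCreationFlags=0x0 ProcessId=2100 ThreadId=2101
2000 SetThreadContext ThreadHandle=2001
"""

_LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\s*(?P<args>.*)$")
_CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}


def _parse_args(text: str) -> dict:
    """Turn 'k=v k=v ...' into a dict; values stay strings."""
    return dict(kv.split("=", 1) for kv in text.split() if "=" in kv)


def detect_hollowing(trace: str) -> list:
    """Flag SetThreadContext calls that complete a hollowing sequence.

    Returns one finding per (creator pid, child pid) with the stages observed.
    """
    thread_owner = {}             # (creator pid, thread id) -> child pid created suspended
    unmapped = defaultdict(set)   # creator pid -> child pids it unmapped a section from
    written = defaultdict(set)    # creator pid -> child pids it wrote memory into
    findings = []

    for line in trace.splitlines():
        m = _LINE_RE.match(line)
        if not m:
            continue
        pid, api = int(m.group("pid")), m.group("api")
        args = _parse_args(m.group("args"))

        if api in _CREATE_APIS:
            flags = int(args.get("dwCreationFlags", "0"), 0)
            if flags & CREATE_SUSPENDED and "ProcessId" in args and "ThreadId" in args:
                thread_owner[(pid, int(args["ThreadId"]))] = int(args["ProcessId"])
        elif api == "NtUnmapViewOfSection" and "ProcessHandle" in args:
            unmapped[pid].add(int(args["ProcessHandle"]))
        elif api == "WriteProcessMemory" and "ProcessHandle" in args:
            written[pid].add(int(args["ProcessHandle"]))
        elif api == "SetThreadContext" and "ThreadHandle" in args:
            child = thread_owner.get((pid, int(args["ThreadHandle"])))
            if child is None:
                continue  # own or unknown thread: debugger/SEH style use, not hollowing by itself
            if child not in written[pid]:
                continue  # context changed but nothing injected: not enough to alert on
            stages = ["CreateProcess(CREATE_SUSPENDED)"]
            if child in unmapped[pid]:
                stages.append("NtUnmapViewOfSection")
            stages.append("WriteProcessMemory")
            stages.append("SetThreadContext")
            findings.append({"pid": pid, "target": child, "stages": stages})
    return findings


if __name__ == "__main__":
    for f in detect_hollowing(SAMPLE_TRACE):
        print(f"pid {f['pid']} hollowed pid {f['target']}: {' -> '.join(f['stages'])}")
```

ResumeThread is deliberately not required for the alert: the injected code is already in place once SetThreadContext succeeds, and waiting for the resume only delays the detection.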

MITRE ATT&CK Enterprise v15

Tasks