raccoon | 3f6c6e27fba6e2622e761e40bd213fef67eae0ae34c1bb203d607d6cfc86a744 | Triage

Submit
Reports

Overview

overview

Static

static

1

eb5b5c1aad...18.exe

windows7-x64

eb5b5c1aad...18.exe

windows10-2004-x64

Sharing

General

Target

eb5b5c1aadbfcf4f77224f0ba54ea857_JaffaCakes118
Size

544KB
Sample

240410-sljxzace48
MD5

eb5b5c1aadbfcf4f77224f0ba54ea857
SHA1

fff6171533a856329881093dd0ace4aeebaa4aa9
SHA256

3f6c6e27fba6e2622e761e40bd213fef67eae0ae34c1bb203d607d6cfc86a744
SHA512

0547c53977d5bca129eb85b1f927a8ce57442fa028c9d0697c0c99e7b861bb31431df02ea7cd3ee5dda6a5621ee3e82c2255a535b96e112f31a8888d29b6ebdd
SSDEEP

12288:36DB7xHIF/+vGJ7h00tay5Xj8/7/SgkvhJTzSeehpTNqXvHKrh:3SB7RIkvGJdCQY/DS/DT90+XfKrh

Score

10^/10

raccoon 9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77 stealer

Static task

static1

Behavioral task

behavioral1

Sample

eb5b5c1aadbfcf4f77224f0ba54ea857_JaffaCakes118.exe

Resource

win7-20240221-en

raccoon 9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

eb5b5c1aadbfcf4f77224f0ba54ea857_JaffaCakes118.exe

Resource

win10v2004-20240226-en

raccoon 9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77

Attributes

url4cnc
https://telete.in/iphonemotorollex

rc4.plain

rc4.plain

Targets

- Target
  
  eb5b5c1aadbfcf4f77224f0ba54ea857_JaffaCakes118
- Size
  
  544KB
- MD5
  
  eb5b5c1aadbfcf4f77224f0ba54ea857
- SHA1
  
  fff6171533a856329881093dd0ace4aeebaa4aa9
- SHA256
  
  3f6c6e27fba6e2622e761e40bd213fef67eae0ae34c1bb203d607d6cfc86a744
- SHA512
  
  0547c53977d5bca129eb85b1f927a8ce57442fa028c9d0697c0c99e7b861bb31431df02ea7cd3ee5dda6a5621ee3e82c2255a535b96e112f31a8888d29b6ebdd
- SSDEEP
  
  12288:36DB7xHIF/+vGJ7h00tay5Xj8/7/SgkvhJTzSeehpTNqXvHKrh:3SB7RIkvGJdCQY/DS/DT90+XfKrh
Score

10^/10

raccoon 9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77stealer

behavioral2

raccoon9cd318cbd9a92c7e7d1c2ecfc2e7ccb0e3187a77stealer

© 2018-2025

Terms | Privacy