raccoon | 4ae2121a59907625840dfc680841abdd1cbb1646f0e46f3078b8f4e7d55f3d8e

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
15-04-2024 08:45

Target

f0af15a2314afee90871fe75a1faa3a3_JaffaCakes118.exe
Size

594KB
MD5

f0af15a2314afee90871fe75a1faa3a3
SHA1

58a9d3200daf1b04a72c730b9a93b22b94bf5e25
SHA256

4ae2121a59907625840dfc680841abdd1cbb1646f0e46f3078b8f4e7d55f3d8e
SHA512

678abd85f55f68bb559182784c0c10d531bb8a2401606f22768c10eab36a36a36a46bf8de652305450dd57d84a84d4812b51adfb09857883995c2f4a2a476045
SSDEEP

12288:xF/Q4o6kX2HpCkZ71STDiYYQbSqDGGPTwEeEAz2:XFoeCkZ71STepKSmbTw1

Score

10^/10

raccoon stealer

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 4 IoCs

Processes:

resource	yara_rule
behavioral2/memory/2936-2-0x0000000004FD0000-0x0000000005061000-memory.dmp	family_raccoon_v1
behavioral2/memory/2936-3-0x0000000000400000-0x0000000003282000-memory.dmp	family_raccoon_v1
behavioral2/memory/2936-4-0x0000000000400000-0x0000000003282000-memory.dmp	family_raccoon_v1
behavioral2/memory/2936-7-0x0000000004FD0000-0x0000000005061000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\f0af15a2314afee90871fe75a1faa3a3_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f0af15a2314afee90871fe75a1faa3a3_JaffaCakes118.exe"
1⤵
PID:2936

memory/2936-1-0x00000000032E0000-0x00000000033E0000-memory.dmp

Filesize
1024KB

Download
memory/2936-2-0x0000000004FD0000-0x0000000005061000-memory.dmp

Filesize
580KB

Download
memory/2936-3-0x0000000000400000-0x0000000003282000-memory.dmp

Filesize
46.5MB

Download
memory/2936-4-0x0000000000400000-0x0000000003282000-memory.dmp

Filesize
46.5MB

Download
memory/2936-6-0x00000000032E0000-0x00000000033E0000-memory.dmp

Filesize
1024KB

Download
memory/2936-7-0x0000000004FD0000-0x0000000005061000-memory.dmp

Filesize
580KB

Download