Overview

overview

10

Static

static

3

f1aba985d9...18.exe

windows7-x64

10

f1aba985d9...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-04-2024 18:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f1aba985d9c550d92413f05c2b83fa37_JaffaCakes118.exe

  • Size

    493KB

  • MD5

    f1aba985d9c550d92413f05c2b83fa37

  • SHA1

    cae5385dd7f456c22fd39d71060220eeb55f4c5a

  • SHA256

    07cdd7d64add11a95be69de6b9bc0ef28dd2e70250eecca0d617fcc13008fec9

  • SHA512

    7058caad7e07f34704bf388f6f4801af9d184a17d0ec9ca44ec6b1d3995fb778f945de603cfa3dfbdab4e3ba15852400a7833267088578e8652efbb0bcc1ad8b

  • SSDEEP

    6144:VfwIg9q+5jozHAJLylKfLGddZYZaZRKiCZSM5zVHeO8eYQdtpquBrcOzWl6/AnRx:VV+nhGAJWKKdjRqYuT97g6ARwoOfvUV

Score
10/10
raccoonstealer

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f1aba985d9c550d92413f05c2b83fa37_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f1aba985d9c550d92413f05c2b83fa37_JaffaCakes118.exe"
    1⤵
      PID:1668

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1668-1-0x0000000002F20000-0x0000000003020000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1668-2-0x0000000002E60000-0x0000000002EF1000-memory.dmp

      Filesize

      580KB

      Download

    • memory/1668-3-0x0000000000400000-0x0000000002CB1000-memory.dmp

      Filesize

      40.7MB

      Download

    • memory/1668-4-0x0000000000400000-0x0000000002CB1000-memory.dmp

      Filesize

      40.7MB

      Download

    • memory/1668-5-0x0000000002F20000-0x0000000003020000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1668-7-0x0000000002E60000-0x0000000002EF1000-memory.dmp

      Filesize

      580KB

      Download