raccoon | a888070ad81fa157ad118404c238a5d5e8b0177804abe9a422b56a6c55d415e2 | Triage

Submit
Reports

Overview

overview

Static

static

3

f33f4b1660...18.exe

windows7-x64

f33f4b1660...18.exe

windows10-2004-x64

Sharing

General

Target

f33f4b166018011971f9ea6924cd4981_JaffaCakes118
Size

612KB
Sample

240416-lz8d6afb74
MD5

f33f4b166018011971f9ea6924cd4981
SHA1

9c91cc6f49c7fa61966ddae70cbf3bb4a7cfc8db
SHA256

a888070ad81fa157ad118404c238a5d5e8b0177804abe9a422b56a6c55d415e2
SHA512

e7c28d0c64b1bd47d44ae387711beba33d7ee43939e13bd77fa07efd559b2fe678857de1937c7ddc7bec2924721ba44985fa9dc07c9376e8f0a46567c91b0765
SSDEEP

12288:+YfFGaFSTieKcnmzEECkgkkFxiQBydaikocqwd/9XvK5XsowPs:pFG2LcmYEClJ9wd6ocqwd/9XvKJOk

Score

10^/10

raccoon ea1790c1bba6667b84b216a6c88d10e5bafdca86 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f33f4b166018011971f9ea6924cd4981_JaffaCakes118.exe

Resource

win7-20231129-en

raccoon ea1790c1bba6667b84b216a6c88d10e5bafdca86 stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f33f4b166018011971f9ea6924cd4981_JaffaCakes118.exe

Resource

win10v2004-20240412-en

raccoon ea1790c1bba6667b84b216a6c88d10e5bafdca86 stealer

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

ea1790c1bba6667b84b216a6c88d10e5bafdca86

Attributes

url4cnc
https://tttttt.me/jdiamond13

rc4.plain

rc4.plain

Targets

- Target
  
  f33f4b166018011971f9ea6924cd4981_JaffaCakes118
- Size
  
  612KB
- MD5
  
  f33f4b166018011971f9ea6924cd4981
- SHA1
  
  9c91cc6f49c7fa61966ddae70cbf3bb4a7cfc8db
- SHA256
  
  a888070ad81fa157ad118404c238a5d5e8b0177804abe9a422b56a6c55d415e2
- SHA512
  
  e7c28d0c64b1bd47d44ae387711beba33d7ee43939e13bd77fa07efd559b2fe678857de1937c7ddc7bec2924721ba44985fa9dc07c9376e8f0a46567c91b0765
- SSDEEP
  
  12288:+YfFGaFSTieKcnmzEECkgkkFxiQBydaikocqwd/9XvK5XsowPs:pFG2LcmYEClJ9wd6ocqwd/9XvKJOk
Score

10^/10

raccoon ea1790c1bba6667b84b216a6c88d10e5bafdca86 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoonea1790c1bba6667b84b216a6c88d10e5bafdca86stealer

behavioral2

raccoonea1790c1bba6667b84b216a6c88d10e5bafdca86stealer

© 2018-2024

Terms | Privacy