raccoon | dd631fc6635483d84cbd3836d4815e2f06107cbe18b16134dd9fca7ea9a4872d

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
19-04-2024 15:12

Target

fa9326c718469931dba84779b71f4350_JaffaCakes118.exe
Size

486KB
MD5

fa9326c718469931dba84779b71f4350
SHA1

82afa63936a212149c787f87cdc07c2293f3806c
SHA256

dd631fc6635483d84cbd3836d4815e2f06107cbe18b16134dd9fca7ea9a4872d
SHA512

bf69f7a0e28488d197f2ac78e6f27160eeeb76927c5f5d96e40354f04ab3a1fa96fe99e309baa8fc5dcf2801e1f7e08544c9166a018931323f75519f2a3a19b6
SSDEEP

12288:PKOtTqqQMJ2uTMH4JqsyCHGTP4yEFs1mMeGyFS:SITqqQMwH4EsLGNmMiF

Score

10^/10

raccoon stealer

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 3 IoCs

Processes:

resource	yara_rule
behavioral2/memory/2304-2-0x0000000002760000-0x00000000027F3000-memory.dmp	family_raccoon_v1
behavioral2/memory/2304-3-0x0000000000400000-0x00000000009F4000-memory.dmp	family_raccoon_v1
behavioral2/memory/2304-6-0x0000000002760000-0x00000000027F3000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\fa9326c718469931dba84779b71f4350_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fa9326c718469931dba84779b71f4350_JaffaCakes118.exe"
1⤵
PID:2304

memory/2304-1-0x0000000000B00000-0x0000000000C00000-memory.dmp

Filesize
1024KB

Download
memory/2304-2-0x0000000002760000-0x00000000027F3000-memory.dmp

Filesize
588KB

Download
memory/2304-3-0x0000000000400000-0x00000000009F4000-memory.dmp

Filesize
6.0MB

Download
memory/2304-6-0x0000000002760000-0x00000000027F3000-memory.dmp

Filesize
588KB

Download
memory/2304-7-0x0000000000B00000-0x0000000000C00000-memory.dmp

Filesize
1024KB

Download