raccoon | e2281e35d1a66eab62c14aa7dc8b1d78e3cfcefe421edba720433d20806b159e

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
19-04-2024 18:01

Target

fadd564a15273803562f9cc59accd090_JaffaCakes118.exe
Size

527KB
MD5

fadd564a15273803562f9cc59accd090
SHA1

d0ed4d6f94012f205fd5a82bdba1d82d31239a05
SHA256

e2281e35d1a66eab62c14aa7dc8b1d78e3cfcefe421edba720433d20806b159e
SHA512

c69c85517e4756caf9c1bcdf25852683dc6a0e2276d8e03219c748a0bf3fda2588a1e89b804c7ac9f7d5e04ff48ffad4681b29dffe6e947ab1965b2c86825aa9
SSDEEP

12288:lu62iMQ60Py4gxmhbOHQwiFdEgvKCM4xWADJgWJXoG:kQ60fOArEgvPM4xxlWG

Score

10^/10

raccoon stealer

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 3 IoCs

Processes:

resource	yara_rule
behavioral2/memory/2220-2-0x0000000004120000-0x00000000041AF000-memory.dmp	family_raccoon_v1
behavioral2/memory/2220-3-0x0000000000400000-0x00000000023EF000-memory.dmp	family_raccoon_v1
behavioral2/memory/2220-7-0x0000000004120000-0x00000000041AF000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\fadd564a15273803562f9cc59accd090_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fadd564a15273803562f9cc59accd090_JaffaCakes118.exe"
1⤵
PID:2220

memory/2220-1-0x0000000002480000-0x0000000002580000-memory.dmp

Filesize
1024KB

Download
memory/2220-2-0x0000000004120000-0x00000000041AF000-memory.dmp

Filesize
572KB

Download
memory/2220-3-0x0000000000400000-0x00000000023EF000-memory.dmp

Filesize
31.9MB

Download
memory/2220-5-0x0000000002480000-0x0000000002580000-memory.dmp

Filesize
1024KB

Download
memory/2220-7-0x0000000004120000-0x00000000041AF000-memory.dmp

Filesize
572KB

Download