raccoon | 634f511eb76b80e93dda9725c78a7f81ce56e55d20f1a8054f158fa74474acfc | Triage

Submit
Reports

Overview

overview

Static

static

1

fe7131cf6c...18.exe

windows7-x64

fe7131cf6c...18.exe

windows10-2004-x64

Sharing

General

Target

fe7131cf6c341ca903692d41431a00cc_JaffaCakes118
Size

493KB
Sample

240421-e6qdlabe71
MD5

fe7131cf6c341ca903692d41431a00cc
SHA1

bf60c200a30d30fce85c142de2322e9ef67124e0
SHA256

634f511eb76b80e93dda9725c78a7f81ce56e55d20f1a8054f158fa74474acfc
SHA512

fdee53acc211562de78a4e3af0c7eb431d36937fba74dabf349c64ce1bc626b60af4a6570aa105dd3062c1baf0af108aa8397a0d31cd9b036ba7d6001573cda6
SSDEEP

12288:1st56BjrelBW6dGC+SoeQkmRWEoLpSEijcSHTGhO:1stABnelNYSoeQkmRfoLJsjGhO

Score

10^/10

raccoon 5944ea4a7ef06637c8c156587128728b27948dd2 stealer

Static task

static1

Behavioral task

behavioral1

Sample

fe7131cf6c341ca903692d41431a00cc_JaffaCakes118.exe

Resource

win7-20240215-en

raccoon 5944ea4a7ef06637c8c156587128728b27948dd2 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe7131cf6c341ca903692d41431a00cc_JaffaCakes118.exe

Resource

win10v2004-20240412-en

raccoon 5944ea4a7ef06637c8c156587128728b27948dd2 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

5944ea4a7ef06637c8c156587128728b27948dd2

Attributes

url4cnc
https://telete.in/justoprostohello

rc4.plain

rc4.plain

Targets

- Target
  
  fe7131cf6c341ca903692d41431a00cc_JaffaCakes118
- Size
  
  493KB
- MD5
  
  fe7131cf6c341ca903692d41431a00cc
- SHA1
  
  bf60c200a30d30fce85c142de2322e9ef67124e0
- SHA256
  
  634f511eb76b80e93dda9725c78a7f81ce56e55d20f1a8054f158fa74474acfc
- SHA512
  
  fdee53acc211562de78a4e3af0c7eb431d36937fba74dabf349c64ce1bc626b60af4a6570aa105dd3062c1baf0af108aa8397a0d31cd9b036ba7d6001573cda6
- SSDEEP
  
  12288:1st56BjrelBW6dGC+SoeQkmRWEoLpSEijcSHTGhO:1stABnelNYSoeQkmRfoLJsjGhO
Score

10^/10

raccoon 5944ea4a7ef06637c8c156587128728b27948dd2 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoon5944ea4a7ef06637c8c156587128728b27948dd2stealer

behavioral2

raccoon5944ea4a7ef06637c8c156587128728b27948dd2stealer

© 2018-2024

Terms | Privacy