raccoon | 2c38dcf0a0a220e77973191ee79e086f578b7fd9933beb448b82dc85113cc549 | Triage

Sharing

General

Target

5492184cede43714f2bd04d9768715d0_JaffaCakes118
Size

444KB
Sample

240518-n1t92aab97
MD5

5492184cede43714f2bd04d9768715d0
SHA1

79c888bc086943fae45a9a0be87d72f4d9ab4871
SHA256

2c38dcf0a0a220e77973191ee79e086f578b7fd9933beb448b82dc85113cc549
SHA512

2e6bd2e044031cec1ef93fc7d0e3bbc1ea76675535f1a8b9d630165fbb3dae53e6a9ce01cd93d5e3c6213aac087d046e76276496b20fd79c24c42167b36655ce
SSDEEP

6144:7jVHLtmG0GS24YiWT/Fy8/YL0W7VgM1yy1WOmSzCj3YYx1haAuMRUf:7jRtGYiOyiYAZy16LFaf

Score

10^/10

raccoon 41711bc5a4ae1e2ac631a21bcc5418009c95e214 stealer

Malware Config

Extracted

Family

raccoon

Botnet

41711bc5a4ae1e2ac631a21bcc5418009c95e214

Attributes

url4cnc
https://telete.in/malwart123

rc4.plain

rc4.plain

Targets

- Target
  
  5492184cede43714f2bd04d9768715d0_JaffaCakes118
- Size
  
  444KB
- MD5
  
  5492184cede43714f2bd04d9768715d0
- SHA1
  
  79c888bc086943fae45a9a0be87d72f4d9ab4871
- SHA256
  
  2c38dcf0a0a220e77973191ee79e086f578b7fd9933beb448b82dc85113cc549
- SHA512
  
  2e6bd2e044031cec1ef93fc7d0e3bbc1ea76675535f1a8b9d630165fbb3dae53e6a9ce01cd93d5e3c6213aac087d046e76276496b20fd79c24c42167b36655ce
- SSDEEP
  
  6144:7jVHLtmG0GS24YiWT/Fy8/YL0W7VgM1yy1WOmSzCj3YYx1haAuMRUf:7jRtGYiOyiYAZy16LFaf
Score

10^/10

raccoon stealer 41711bc5a4ae1e2ac631a21bcc5418009c95e214
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

raccoon41711bc5a4ae1e2ac631a21bcc5418009c95e214stealer