raccoon | 31b85fde884193b976d6cae2209bd2c95f13d6de5d0ff4206612a8768a0c65d6 | Triage

Submit
Reports

Overview

overview

Static

static

3

5c9e2b97d5...18.exe

windows7-x64

5c9e2b97d5...18.exe

windows10-2004-x64

Sharing

General

Target

5c9e2b97d5a4b86c6c64edf30f058f45_JaffaCakes118
Size

526KB
Sample

240520-cfq64afa6s
MD5

5c9e2b97d5a4b86c6c64edf30f058f45
SHA1

6a8434f83d4d160fd796e3a3f50a020cf5974903
SHA256

31b85fde884193b976d6cae2209bd2c95f13d6de5d0ff4206612a8768a0c65d6
SHA512

520b42812b6f305ec8ddd8601313dca8dab9fc02a0e102c392f1836519aaeb6fbe5beacef8bc83355343c959f40b6e8e5fe13507be67dc4e8c1c82fb3c3bc802
SSDEEP

6144:hoSg6+39FKBPWjllRX2R6XdJbI1OAw0k6qOk/Ur0Ed1t02apBHU4/3+4Vz+Eu0+J:hoDlmBPWjJ/Shrqx/krdAfT7Zu/Ci6+

Score

10^/10

raccoon 2141da92b4ad3ac837e01675ce3a1681885395e0 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5c9e2b97d5a4b86c6c64edf30f058f45_JaffaCakes118.exe

Resource

win7-20231129-en

raccoon 2141da92b4ad3ac837e01675ce3a1681885395e0 stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c9e2b97d5a4b86c6c64edf30f058f45_JaffaCakes118.exe

Resource

win10v2004-20240508-en

raccoon 2141da92b4ad3ac837e01675ce3a1681885395e0 stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

2141da92b4ad3ac837e01675ce3a1681885395e0

Attributes

url4cnc
https://raw.githubusercontent.com/metzler99muirbfkm/js/master/home.html

rc4.plain

rc4.plain

Targets

- Target
  
  5c9e2b97d5a4b86c6c64edf30f058f45_JaffaCakes118
- Size
  
  526KB
- MD5
  
  5c9e2b97d5a4b86c6c64edf30f058f45
- SHA1
  
  6a8434f83d4d160fd796e3a3f50a020cf5974903
- SHA256
  
  31b85fde884193b976d6cae2209bd2c95f13d6de5d0ff4206612a8768a0c65d6
- SHA512
  
  520b42812b6f305ec8ddd8601313dca8dab9fc02a0e102c392f1836519aaeb6fbe5beacef8bc83355343c959f40b6e8e5fe13507be67dc4e8c1c82fb3c3bc802
- SSDEEP
  
  6144:hoSg6+39FKBPWjllRX2R6XdJbI1OAw0k6qOk/Ur0Ed1t02apBHU4/3+4Vz+Eu0+J:hoDlmBPWjJ/Shrqx/krdAfT7Zu/Ci6+
Score

10^/10

raccoon 2141da92b4ad3ac837e01675ce3a1681885395e0 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoon2141da92b4ad3ac837e01675ce3a1681885395e0stealer

behavioral2

raccoon2141da92b4ad3ac837e01675ce3a1681885395e0stealer

© 2018-2024

Terms | Privacy