raccoon | 6d4e0d5aab0b739d7a588ac8388fda6683d7aeb89218bc90a6e31e678d694732 | Triage

Submit
Reports

Overview

overview

Static

static

3

72f0ed6c41...18.exe

windows7-x64

72f0ed6c41...18.exe

windows10-2004-x64

Sharing

General

Target

72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118
Size

548KB
Sample

240525-xn36vaee8s
MD5

72f0ed6c41455ffba00e8d70230fb385
SHA1

d66ff526c4fce9dc2400b3f62b9a85290a0e43ae
SHA256

6d4e0d5aab0b739d7a588ac8388fda6683d7aeb89218bc90a6e31e678d694732
SHA512

3f80888e2367c57a5ee1888fdaff6a048f146db09cb177cfff66145c85e69f710df1e605b47afc5481b88bba4804c667b70bda453e72bb847e57aa355da2fda2
SSDEEP

12288:OJlhw548nlk6CObOADVdHU6MGBjhRWVh0EBpAwX2NmBdWccZ6vbiG:Qw5482hbADnMcwAE2NIcp6vbiG

Score

10^/10

raccoon 7e5543c4289f26dea3d9e04ebd343c28eb0f44fe stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118.exe

Resource

win7-20231129-en

raccoon 7e5543c4289f26dea3d9e04ebd343c28eb0f44fe stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118.exe

Resource

win10v2004-20240426-en

raccoon 7e5543c4289f26dea3d9e04ebd343c28eb0f44fe stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

7e5543c4289f26dea3d9e04ebd343c28eb0f44fe

Attributes

url4cnc
https://drive.google.com/uc?export=download&id=1QQXAXArU8BU4kJZ6IBsSCCyLtmLftiOV

rc4.plain

rc4.plain

Targets

- Target
  
  72f0ed6c41455ffba00e8d70230fb385_JaffaCakes118
- Size
  
  548KB
- MD5
  
  72f0ed6c41455ffba00e8d70230fb385
- SHA1
  
  d66ff526c4fce9dc2400b3f62b9a85290a0e43ae
- SHA256
  
  6d4e0d5aab0b739d7a588ac8388fda6683d7aeb89218bc90a6e31e678d694732
- SHA512
  
  3f80888e2367c57a5ee1888fdaff6a048f146db09cb177cfff66145c85e69f710df1e605b47afc5481b88bba4804c667b70bda453e72bb847e57aa355da2fda2
- SSDEEP
  
  12288:OJlhw548nlk6CObOADVdHU6MGBjhRWVh0EBpAwX2NmBdWccZ6vbiG:Qw5482hbADnMcwAE2NIcp6vbiG
Score

10^/10

raccoon 7e5543c4289f26dea3d9e04ebd343c28eb0f44fe stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoon7e5543c4289f26dea3d9e04ebd343c28eb0f44festealer

behavioral2

raccoon7e5543c4289f26dea3d9e04ebd343c28eb0f44festealer

© 2018-2024

Terms | Privacy