raccoon | 7cd0e04ae6cb26444707130e0d56860e56345c9a2153078621eb7bd511ed1f29

Analysis

max time kernel
142s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
25-06-2024 19:58

Target

0f56a3d1e74e85ccbb1588218c8ab4a5_JaffaCakes118.exe
Size

542KB
MD5

0f56a3d1e74e85ccbb1588218c8ab4a5
SHA1

70ab361fe1245f762e6f03229ae71493482c960c
SHA256

7cd0e04ae6cb26444707130e0d56860e56345c9a2153078621eb7bd511ed1f29
SHA512

abfb8e73e43a076e2e9cb007de58d88989704b5a414520cc1b4e3c6cad69a80f92e7ab981d7ac6790fb44450d70b295aa155a0626a5cbb783faa3e41baffbae4
SSDEEP

6144:leqYQcoPj2WlQGQfqu6FrEaAE7tKGfL6C6JPVFMMuFEGSZ7WX9tZP6fQ2ROhxxp3:HYXc2W2GEwP7dfL6DnKG6njzxp6L

Score

10^/10

Family

raccoon

Version

1.8.2

Botnet

e672747afc67feb221ca60f8fc9e03adcf10f038

Attributes

url4cnc
http://teletop.top/youyouhell0world

http://teleta.top/youyouhell0world

https://t.me/youyouhell0world

rc4.plain

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer V1 payload 4 IoCs

resource	yara_rule
behavioral2/memory/2980-2-0x0000000000570000-0x00000000005FE000-memory.dmp	family_raccoon_v1
behavioral2/memory/2980-3-0x0000000000400000-0x0000000000490000-memory.dmp	family_raccoon_v1
behavioral2/memory/2980-4-0x0000000000400000-0x0000000000494000-memory.dmp	family_raccoon_v1
behavioral2/memory/2980-7-0x0000000000570000-0x00000000005FE000-memory.dmp	family_raccoon_v1

C:\Users\Admin\AppData\Local\Temp\0f56a3d1e74e85ccbb1588218c8ab4a5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0f56a3d1e74e85ccbb1588218c8ab4a5_JaffaCakes118.exe"
1⤵
PID:2980

memory/2980-1-0x00000000006F0000-0x00000000007F0000-memory.dmp

Filesize
1024KB

Download
memory/2980-2-0x0000000000570000-0x00000000005FE000-memory.dmp

Filesize
568KB

Download
memory/2980-3-0x0000000000400000-0x0000000000490000-memory.dmp

Filesize
576KB

Download
memory/2980-4-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2980-6-0x00000000006F0000-0x00000000007F0000-memory.dmp

Filesize
1024KB

Download
memory/2980-7-0x0000000000570000-0x00000000005FE000-memory.dmp

Filesize
568KB

Download