Overview

overview

10

Static

static

3

12f3dc5821...18.exe

windows7-x64

10

12f3dc5821...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26-06-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe

  • Size

    546KB

  • MD5

    12f3dc5821b251267e852f44e136cd99

  • SHA1

    362072d504a49e9fc9747644ab028b12abd36624

  • SHA256

    76a2373a534c4aaded3a7db99312c17f4873f62dd29e2daa1557d528092ef902

  • SHA512

    52f860e2c38b8a70e48cc452255beac17b7ce5fb8f775a3f2efd6dbe17406332cf2c1d18eac2c52ee7e72e49f827b5a1a09c143e008a28df32aa32fc64d65d94

  • SSDEEP

    12288:QchpZ9vIEUUoH22j9RO/SVc+YlEKrv1KzsZqCbfzxp6L:Q4Z9AEGH22j26dyXZZ7b736L

Score
10/10
raccoon5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.1

Botnet

5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4

Attributes
  • url4cnc

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe"
    1⤵
      PID:2324

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2324-1-0x0000000000550000-0x0000000000650000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2324-2-0x00000000002E0000-0x0000000000370000-memory.dmp

      Filesize

      576KB

      Download

    • memory/2324-3-0x0000000000400000-0x0000000000493000-memory.dmp

      Filesize

      588KB

      Download

    • memory/2324-4-0x0000000000400000-0x0000000000496000-memory.dmp

      Filesize

      600KB

      Download

    • memory/2324-6-0x0000000000550000-0x0000000000650000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2324-7-0x00000000002E0000-0x0000000000370000-memory.dmp

      Filesize

      576KB

      Download

    • memory/2324-8-0x0000000000400000-0x0000000000493000-memory.dmp

      Filesize

      588KB

      Download