Overview

overview

10

Static

static

3

12f3dc5821...18.exe

windows7-x64

10

12f3dc5821...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-06-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe

  • Size

    546KB

  • MD5

    12f3dc5821b251267e852f44e136cd99

  • SHA1

    362072d504a49e9fc9747644ab028b12abd36624

  • SHA256

    76a2373a534c4aaded3a7db99312c17f4873f62dd29e2daa1557d528092ef902

  • SHA512

    52f860e2c38b8a70e48cc452255beac17b7ce5fb8f775a3f2efd6dbe17406332cf2c1d18eac2c52ee7e72e49f827b5a1a09c143e008a28df32aa32fc64d65d94

  • SSDEEP

    12288:QchpZ9vIEUUoH22j9RO/SVc+YlEKrv1KzsZqCbfzxp6L:Q4Z9AEGH22j26dyXZZ7b736L

Score
10/10
raccoon5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.1

Botnet

5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4

Attributes
  • url4cnc

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\12f3dc5821b251267e852f44e136cd99_JaffaCakes118.exe"
    1⤵
      PID:4728
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=2736,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=3904 /prefetch:8
      1⤵
        PID:1088

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4728-1-0x00000000005C0000-0x00000000006C0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4728-2-0x0000000000520000-0x00000000005B0000-memory.dmp

        Filesize

        576KB

        Download

      • memory/4728-3-0x0000000000400000-0x0000000000493000-memory.dmp

        Filesize

        588KB

        Download

      • memory/4728-4-0x0000000000400000-0x0000000000496000-memory.dmp

        Filesize

        600KB

        Download

      • memory/4728-6-0x00000000005C0000-0x00000000006C0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4728-7-0x0000000000520000-0x00000000005B0000-memory.dmp

        Filesize

        576KB

        Download