raccoon | df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c | Triage

Submit
Reports

Overview

overview

Static

static

7

df4be4cd13...3c.exe

windows7-x64

7

df4be4cd13...3c.exe

windows10-2004-x64

Sharing

General

Target

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe
Size

1.0MB
Sample

240707-bpdfxszbrl
MD5

18b80be4ccf569476db98955ad019621
SHA1

2c160dc5cd238d9d7f0ca4b4a6419eacb4d6a76b
SHA256

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c
SHA512

59565a2a19b8530dd15ac855d361ff7da9e534511787ee296f2e33aad87ebd3141b6e3e0bdd10a34482c0f60bfd644dc5ac11913650998ad6ab84c8f5b2a179f
SSDEEP

24576:ylijFje/d/FERYDhCbMIN5gCwRBXZSFm5qvlxoCCvcAk02D8GHz:hBje/d/FEONirgCmXZ6mQdHCvcLL8Oz

Score

10^/10

raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe

Resource

win10v2004-20240704-en

raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

1a5d06870a6b84740b2c11dce573e9a0

C2

http://95.169.205.186:80/

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe
- Size
  
  1.0MB
- MD5
  
  18b80be4ccf569476db98955ad019621
- SHA1
  
  2c160dc5cd238d9d7f0ca4b4a6419eacb4d6a76b
- SHA256
  
  df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c
- SHA512
  
  59565a2a19b8530dd15ac855d361ff7da9e534511787ee296f2e33aad87ebd3141b6e3e0bdd10a34482c0f60bfd644dc5ac11913650998ad6ab84c8f5b2a179f
- SSDEEP
  
  24576:ylijFje/d/FERYDhCbMIN5gCwRBXZSFm5qvlxoCCvcAk02D8GHz:hBje/d/FEONirgCmXZ6mQdHCvcLL8Oz
Score

10^/10

upx raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon1a5d06870a6b84740b2c11dce573e9a0stealerupx

© 2018-2025

Terms | Privacy