raccoon | df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c | Triage

Submit
Reports

Overview

overview

Static

static

7

df4be4cd13...3c.exe

windows7-x64

7

df4be4cd13...3c.exe

windows10-2004-x64

Sharing

General

Target

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe
Size

1.0MB
Sample

240707-bpdfxszbrl
MD5

18b80be4ccf569476db98955ad019621
SHA1

2c160dc5cd238d9d7f0ca4b4a6419eacb4d6a76b
SHA256

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c
SHA512

59565a2a19b8530dd15ac855d361ff7da9e534511787ee296f2e33aad87ebd3141b6e3e0bdd10a34482c0f60bfd644dc5ac11913650998ad6ab84c8f5b2a179f
SSDEEP

24576:ylijFje/d/FERYDhCbMIN5gCwRBXZSFm5qvlxoCCvcAk02D8GHz:hBje/d/FEONirgCmXZ6mQdHCvcLL8Oz

Score

10^/10

raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe

Resource

win10v2004-20240704-en

raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

1a5d06870a6b84740b2c11dce573e9a0

C2

http://95.169.205.186:80/

Attributes

user_agent
MrBidenNeverKnow

xor.plain

1
1a5d06870a6b84740b2c11dce573e9a0

Targets

- Target
  
  df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe
- Size
  
  1.0MB
- MD5
  
  18b80be4ccf569476db98955ad019621
- SHA1
  
  2c160dc5cd238d9d7f0ca4b4a6419eacb4d6a76b
- SHA256
  
  df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c
- SHA512
  
  59565a2a19b8530dd15ac855d361ff7da9e534511787ee296f2e33aad87ebd3141b6e3e0bdd10a34482c0f60bfd644dc5ac11913650998ad6ab84c8f5b2a179f
- SSDEEP
  
  24576:ylijFje/d/FERYDhCbMIN5gCwRBXZSFm5qvlxoCCvcAk02D8GHz:hBje/d/FEONirgCmXZ6mQdHCvcLL8Oz
Score

10^/10

upx raccoon 1a5d06870a6b84740b2c11dce573e9a0 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon1a5d06870a6b84740b2c11dce573e9a0stealerupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.