General

  • Target

    df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c.exe

  • Size

    1.0MB

  • Sample

    240707-bpdfxszbrl

  • MD5

    18b80be4ccf569476db98955ad019621

  • SHA1

    2c160dc5cd238d9d7f0ca4b4a6419eacb4d6a76b

  • SHA256

    df4be4cd1353fcc4da27d21950f9080647884f8985cac8a5c54cc8f5fd2a843c

  • SHA512

    59565a2a19b8530dd15ac855d361ff7da9e534511787ee296f2e33aad87ebd3141b6e3e0bdd10a34482c0f60bfd644dc5ac11913650998ad6ab84c8f5b2a179f

  • SSDEEP

    24576:ylijFje/d/FERYDhCbMIN5gCwRBXZSFm5qvlxoCCvcAk02D8GHz:hBje/d/FEONirgCmXZ6mQdHCvcLL8Oz

Malware Config

Extracted

Family

raccoon

Botnet

1a5d06870a6b84740b2c11dce573e9a0

C2

http://95.169.205.186:80/

Attributes
  • user_agent

    MrBidenNeverKnow

  • xor.plain

    1a5d06870a6b84740b2c11dce573e9a0

Targets

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V2 payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext
