Overview

overview

10

Static

static

3

2a72e8b83f...18.exe

windows7-x64

10

2a72e8b83f...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2024, 01:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2a72e8b83ff33b995b42f475874a8d18_JaffaCakes118.exe

  • Size

    510KB

  • MD5

    2a72e8b83ff33b995b42f475874a8d18

  • SHA1

    bf3137a9ed2f39cb6e0cda1d5a70d1e9fbb27d2b

  • SHA256

    4713df60988f36a0738cacac2d4bfac65a490c62b6865098c9158a6a7f92fbe2

  • SHA512

    f979564c2edb95aa28da05fa0ca0da1f08ee9a29675e6790d2d440e2935a8eba48f3dae736d07cae1a09a5759d728298496e54cdd18fcaceda1917b38c94618b

  • SSDEEP

    12288:ljoVTBdFkrZaXxnK4+xELawWhq4rL2eGw6pxpWeyGoKgiP:GvL0QhT+xBwWg4rLNGwGmeyGO0

Score
10/10
raccoon9ba64f4b6fe448911470a88f09d6e7d5b92ff0abstealer

Malware Config

Extracted

Family

raccoon

Version

1.7.2

Botnet

9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab

Attributes
  • url4cnc

    https://telete.in/jagressor_kz

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a72e8b83ff33b995b42f475874a8d18_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2a72e8b83ff33b995b42f475874a8d18_JaffaCakes118.exe"
    1⤵
      PID:4032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4032-1-0x00000000009C0000-0x0000000000AC0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/4032-2-0x0000000000B90000-0x0000000000C22000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4032-3-0x0000000000400000-0x0000000000494000-memory.dmp

      Filesize

      592KB

      Download

    • memory/4032-4-0x0000000000400000-0x00000000008CC000-memory.dmp

      Filesize

      4.8MB

      Download

    • memory/4032-5-0x00000000009C0000-0x0000000000AC0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/4032-7-0x0000000000B90000-0x0000000000C22000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4032-8-0x0000000000400000-0x0000000000494000-memory.dmp

      Filesize

      592KB

      Download