Overview

overview

10

Static

static

3

y1.exe

windows7-x64

10

y1.exe

windows10-1703-x64

10

y1.exe

windows10-2004-x64

10

y1.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2024 22:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    y1.exe

  • Size

    523KB

  • MD5

    211704d0d7c978042c9fd858fd7a3256

  • SHA1

    ed582bf85c777e03990562af0ca5d3503646e462

  • SHA256

    98105987364d21e0167d6b6a90510a9beea0746eca7a3326c13c11806ffced79

  • SHA512

    a25778cfe12b106e73b2a410276c0fe7b999501abfe2bb4c51d60992691f2d540797c05fcdcd653580f499e3042a32e73d4881a294ba599299b344f58e56ee11

  • SSDEEP

    12288:0i0JjP5vT+d/J+jac6jNIW5qbHX6noVWo/mF2+:0iGr9Tk/QjaRjNIVbHqoVWo/mE+

Score
10/10
raccoon9afb493c6f82d08075dbbfa7d93ce97f1dbf4733stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

9afb493c6f82d08075dbbfa7d93ce97f1dbf4733

Attributes
  • url4cnc

    https://tttttt.me/antitantief3

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\y1.exe
    "C:\Users\Admin\AppData\Local\Temp\y1.exe"
    1⤵
      PID:2972

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2972-1-0x0000000002E70000-0x0000000002F70000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2972-2-0x0000000004950000-0x00000000049E1000-memory.dmp

      Filesize

      580KB

      Download

    • memory/2972-3-0x0000000000400000-0x0000000000492000-memory.dmp

      Filesize

      584KB

      Download

    • memory/2972-4-0x0000000000400000-0x0000000002BF4000-memory.dmp

      Filesize

      40.0MB

      Download

    • memory/2972-6-0x0000000002E70000-0x0000000002F70000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2972-7-0x0000000004950000-0x00000000049E1000-memory.dmp

      Filesize

      580KB

      Download

    • memory/2972-8-0x0000000000400000-0x0000000000492000-memory.dmp

      Filesize

      584KB

      Download