Overview

overview

10

Static

static

3

SecuriteIn...34.exe

windows7-x64

10

SecuriteIn...34.exe

windows10-2004-x64

5

Resubmissions

21-07-2024 10:07

240721-l5r95azfpn 5

21-07-2024 09:24

240721-lc2m4axelh 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe

  • Size

    813KB

  • Sample

    240721-lc2m4axelh

  • MD5

    6a7681530b7cd49a24f0e12f609f0635

  • SHA1

    02595be9615b657bbbbfa4f4296a5f905fb6485a

  • SHA256

    afd8d8d37d356702122236ca272511a8408ec817c33276122641245b034661f6

  • SHA512

    66a3e786f8392fff29f5f6611a89f9b6891da3e12e9fff765d7d1336857c86bdc8674f5f2f70ef73a235a837257ec4bfcf7408d533bbb7a26a9a3ad6c9e1c4f8

  • SSDEEP

    12288:IycLHzILbdesTkxgaEfLDRXrIAzhXUj5/PY88KzRrhK7fVIIa4Nd4K6mZvUoy:BcLHiX1akDR7IcXu/Q8rOfVIp32Uo

Score
10/10
raccoon071a7b18a42c1cd94de2fc5bb0bbcaf2stealer

Malware Config

Extracted

Family

raccoon

Botnet

071a7b18a42c1cd94de2fc5bb0bbcaf2

C2

http://193.142.147.59:80

Attributes
  • user_agent

    Xmlst

xor.plain

Targets

    • Target

      SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe

    • Size

      813KB

    • MD5

      6a7681530b7cd49a24f0e12f609f0635

    • SHA1

      02595be9615b657bbbbfa4f4296a5f905fb6485a

    • SHA256

      afd8d8d37d356702122236ca272511a8408ec817c33276122641245b034661f6

    • SHA512

      66a3e786f8392fff29f5f6611a89f9b6891da3e12e9fff765d7d1336857c86bdc8674f5f2f70ef73a235a837257ec4bfcf7408d533bbb7a26a9a3ad6c9e1c4f8

    • SSDEEP

      12288:IycLHzILbdesTkxgaEfLDRXrIAzhXUj5/PY88KzRrhK7fVIIa4Nd4K6mZvUoy:BcLHiX1akDR7IcXu/Q8rOfVIp32Uo

    Score
    10/10
    raccoon071a7b18a42c1cd94de2fc5bb0bbcaf2stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer V2 payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks