raccoon | 0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0e63ba9976...87.exe

windows7-x64

0e63ba9976...87.exe

windows10-2004-x64

Sharing

General

Target

0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87.exe
Size

2.3MB
Sample

240723-bkg9bayfkg
MD5

010d3ed12031239d3f314f66bb28d58d
SHA1

9daa168735a3f72e715f87d952a18f6c8f00238c
SHA256

0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87
SHA512

07234248dcb4d331e15bc102d83442723e5c887ded4cb8b9a66a288ea72560b7b85c169e08d192a035ff757dc8b0efdb555af97e7171bb378d17cd1c35a4e863
SSDEEP

49152:MJ8U/HLU3Yp7dPM8V/HLU3Yp7CgUxK3h7/SEyIas8JWsa6HdLm:MJ8U/HQ3r8V/HQ3BbxKxD9jXsj9Lm

Score

10^/10

raccoon dd188c0be5001b2c8fb76d74174694cd stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87.exe

Resource

win7-20240704-en

raccoon dd188c0be5001b2c8fb76d74174694cd stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87.exe

Resource

win10v2004-20240709-en

raccoon dd188c0be5001b2c8fb76d74174694cd stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

dd188c0be5001b2c8fb76d74174694cd

C2

http://147.45.44.25:80/

http://85.28.47.116:80/

Attributes

user_agent
MrBidenNeverKnow

xor.plain

1
dd188c0be5001b2c8fb76d74174694cd

Targets

- Target
  
  0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87.exe
- Size
  
  2.3MB
- MD5
  
  010d3ed12031239d3f314f66bb28d58d
- SHA1
  
  9daa168735a3f72e715f87d952a18f6c8f00238c
- SHA256
  
  0e63ba9976f0a65f778b70c452659aff5b2845c212d58b2583a4c90363626b87
- SHA512
  
  07234248dcb4d331e15bc102d83442723e5c887ded4cb8b9a66a288ea72560b7b85c169e08d192a035ff757dc8b0efdb555af97e7171bb378d17cd1c35a4e863
- SSDEEP
  
  49152:MJ8U/HLU3Yp7dPM8V/HLU3Yp7CgUxK3h7/SEyIas8JWsa6HdLm:MJ8U/HQ3r8V/HQ3BbxKxD9jXsj9Lm
Score

10^/10

raccoon dd188c0be5001b2c8fb76d74174694cd stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoondd188c0be5001b2c8fb76d74174694cdstealer

behavioral2

raccoondd188c0be5001b2c8fb76d74174694cdstealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.