raccoon | 60caf2fbf0ca1f0207c2bad9306648a3743e3a70f148e6acf7dc64d92049cbc9 | Triage

Sharing

General

Target

LisectAVT_2403002C_18.exe
Size

573KB
Sample

240725-b64z7s1brn
MD5

bb7e1ea8cf9fe4f06eefe15f68eee6c6
SHA1

4d5310f26f6975a8e4cca79f70e6c7c9dacdb405
SHA256

60caf2fbf0ca1f0207c2bad9306648a3743e3a70f148e6acf7dc64d92049cbc9
SHA512

bbe814ff653a50b10d40f575d0e371fa2091165c51eeb3078219e3870334433380a737675b49cab42272e0cfa8f7425c5aa93cdb5650fdec287358b2a440d317
SSDEEP

12288:D5ntsDk51T1v2AqWsmCsWZC6cm3mS5Osw4KT5uImXzsMAi8Wh5Qm6f:dntso1T1v2AVZXWZZqRzUDI

Score

10^/10

raccoon c021300d0074689fde86c87568e215c582272721 discovery

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

c021300d0074689fde86c87568e215c582272721

Attributes

url4cnc
https://tttttt.me/ch0koalpengold

rc4.plain

rc4.plain

Targets

- Target
  
  LisectAVT_2403002C_18.exe
- Size
  
  573KB
- MD5
  
  bb7e1ea8cf9fe4f06eefe15f68eee6c6
- SHA1
  
  4d5310f26f6975a8e4cca79f70e6c7c9dacdb405
- SHA256
  
  60caf2fbf0ca1f0207c2bad9306648a3743e3a70f148e6acf7dc64d92049cbc9
- SHA512
  
  bbe814ff653a50b10d40f575d0e371fa2091165c51eeb3078219e3870334433380a737675b49cab42272e0cfa8f7425c5aa93cdb5650fdec287358b2a440d317
- SSDEEP
  
  12288:D5ntsDk51T1v2AqWsmCsWZC6cm3mS5Osw4KT5uImXzsMAi8Wh5Qm6f:dntso1T1v2AVZXWZZqRzUDI
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

c021300d0074689fde86c87568e215c582272721raccoon

behavioral1

behavioral2