raccoon

General

Target

2024-07-25_96fc916421245c96a28cc6e899fea82a_avoslocker_cobalt-strike_raccoonstealer_wapomi
Size

593KB
Sample

240725-l1z46sscnp
MD5

96fc916421245c96a28cc6e899fea82a
SHA1

88cb3af4ef16e0a98048664b063c5b2403b3a40a
SHA256

366f0e781208b8d55d0ececca535ed31be636e1609a655ffa9d5fc1b6587395b
SHA512

bfc6cb21e9cd70d384a4b79db2f1666a8d7f79e8e50bfd06e386b22e88f96367966683f7da0a128007bd828120893e1326b7305c7678e10e24bb201e07e78fa7
SSDEEP

12288:87AVwypN9NnwDLaDHZoFBHq3Ad4Dqo3XWRsauaaqCuJ586f:EkX9JwDLaDHZoFs3ACcRQaafn6f

Score

10^/10

Malware Config

Extracted

Family

raccoon

Botnet

6f32a51d9c7fe5326f1e05806bd56f1731747b70

Attributes

url4cnc
https://t.me/leonard0sp

rc4.plain

Targets

- Target
  
  2024-07-25_96fc916421245c96a28cc6e899fea82a_avoslocker_cobalt-strike_raccoonstealer_wapomi
- Size
  
  593KB
- MD5
  
  96fc916421245c96a28cc6e899fea82a
- SHA1
  
  88cb3af4ef16e0a98048664b063c5b2403b3a40a
- SHA256
  
  366f0e781208b8d55d0ececca535ed31be636e1609a655ffa9d5fc1b6587395b
- SHA512
  
  bfc6cb21e9cd70d384a4b79db2f1666a8d7f79e8e50bfd06e386b22e88f96367966683f7da0a128007bd828120893e1326b7305c7678e10e24bb201e07e78fa7
- SSDEEP
  
  12288:87AVwypN9NnwDLaDHZoFBHq3Ad4Dqo3XWRsauaaqCuJ586f:EkX9JwDLaDHZoFs3ACcRQaafn6f
Score

10^/10

raccoon 6f32a51d9c7fe5326f1e05806bd56f1731747b70 aspackv2 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Raccoon Stealer V1 payload

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2