raccoon

General

Target

c72828c3198ac27cd8ca3e45041014c3acde7b414dfdd67c65460473656e9721.exe
Size

621KB
Sample

240726-gmy8hazern
MD5

59350245ee4003c79c113a3f624b4a19
SHA1

e3bbc1c8764686f60c8810e844f3ec91415ffe78
SHA256

c72828c3198ac27cd8ca3e45041014c3acde7b414dfdd67c65460473656e9721
SHA512

a2010785e39fda200bcb8eb91ec483a88a08997278f213b43b9545ebd45f14134edc2705f51cddc33394684e30a62cd4e6410f66aaab04f6fe1f88000b43c54d
SSDEEP

12288:2wFVzgdn12PiuBWq5y6zLJ7M29SGMzmr:2AVgn+igWwVgXGMzy

Score

10^/10

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

c021300d0074689fde86c87568e215c582272721

Attributes

url4cnc
https://tttttt.me/ch0koalpengold

rc4.plain

Targets

- Target
  
  c72828c3198ac27cd8ca3e45041014c3acde7b414dfdd67c65460473656e9721.exe
- Size
  
  621KB
- MD5
  
  59350245ee4003c79c113a3f624b4a19
- SHA1
  
  e3bbc1c8764686f60c8810e844f3ec91415ffe78
- SHA256
  
  c72828c3198ac27cd8ca3e45041014c3acde7b414dfdd67c65460473656e9721
- SHA512
  
  a2010785e39fda200bcb8eb91ec483a88a08997278f213b43b9545ebd45f14134edc2705f51cddc33394684e30a62cd4e6410f66aaab04f6fe1f88000b43c54d
- SSDEEP
  
  12288:2wFVzgdn12PiuBWq5y6zLJ7M29SGMzmr:2AVgn+igWwVgXGMzy
Score

10^/10

raccoon c021300d0074689fde86c87568e215c582272721 aspackv2 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Raccoon Stealer V1 payload

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2