raccoon | b02351755f4713f71e047920ab22ab67a38ab8dd20030804f85215a51a902a9f | Triage

Submit
Reports

Overview

overview

Static

static

3

a04961e9e5...18.exe

windows7-x64

a04961e9e5...18.exe

windows10-2004-x64

Sharing

General

Target

a04961e9e565e0be2717dc56d92cdb8d_JaffaCakes118
Size

405KB
Sample

240816-21wprawejk
MD5

a04961e9e565e0be2717dc56d92cdb8d
SHA1

0e9453370248b57803a48e75dfa9a870dc68285b
SHA256

b02351755f4713f71e047920ab22ab67a38ab8dd20030804f85215a51a902a9f
SHA512

f9bb5101ea039a9ef024cfc9629fba36594e6f828de29604d4ddd65575a9c175198f946a5ef70eee1312fc79c3bb75f799bb3f607a670706f4698ebe942274ef
SSDEEP

6144:dO42ebhBAFQWXnmWHkyPtdvd056AKo3xycB9LOv+PH2h3Z7M8bkJDeYV3DlRqwS:1hbBQVd1056W3JBt+vI8oJDe6uw

Score

10^/10

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a04961e9e565e0be2717dc56d92cdb8d_JaffaCakes118.exe

Resource

win7-20240705-en

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a04961e9e565e0be2717dc56d92cdb8d_JaffaCakes118.exe

Resource

win10v2004-20240802-en

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.2

Botnet

9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab

Attributes

url4cnc
https://telete.in/jagressor_kz

rc4.plain

rc4.plain

Targets

- Target
  
  a04961e9e565e0be2717dc56d92cdb8d_JaffaCakes118
- Size
  
  405KB
- MD5
  
  a04961e9e565e0be2717dc56d92cdb8d
- SHA1
  
  0e9453370248b57803a48e75dfa9a870dc68285b
- SHA256
  
  b02351755f4713f71e047920ab22ab67a38ab8dd20030804f85215a51a902a9f
- SHA512
  
  f9bb5101ea039a9ef024cfc9629fba36594e6f828de29604d4ddd65575a9c175198f946a5ef70eee1312fc79c3bb75f799bb3f607a670706f4698ebe942274ef
- SSDEEP
  
  6144:dO42ebhBAFQWXnmWHkyPtdvd056AKo3xycB9LOv+PH2h3Z7M8bkJDeYV3DlRqwS:1hbBQVd1056W3JBt+vI8oJDe6uw
Score

10^/10

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon9ba64f4b6fe448911470a88f09d6e7d5b92ff0abdiscoverystealer

behavioral2

raccoon9ba64f4b6fe448911470a88f09d6e7d5b92ff0abdiscoverystealer

© 2018-2024

Terms | Privacy