raccoon | 3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf | Triage

Submit
Reports

Overview

overview

Static

static

3

3bb302253b...af.exe

windows7-x64

3bb302253b...af.exe

windows10-2004-x64

Sharing

General

Target

3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf
Size

3.0MB
Sample

240816-kp8fqszblr
MD5

87a2c8c458d663ea2a1048d14322af1f
SHA1

0d959d98ebc089302e39263ba67e318d5cf30a91
SHA256

3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf
SHA512

335acd96043d29fe2a0536c2f10c0804f0752b455326bd9ddfb518a5403c83a2ff38b352c80a1cda052b72b93581d4953f487e54a9470476d6d76f3abfab92eb
SSDEEP

24576:WUz+4cv3r+ys6rm4xEJ2DU4yHcEUVFmCDjanwtTP:W/zv3r+y3EgVyHVCDjOwp

Score

10^/10

raccoon 51aff6e9402ba30682487f3dfa017fcf discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf.exe

Resource

win7-20240729-en

raccoon 51aff6e9402ba30682487f3dfa017fcf discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf.exe

Resource

win10v2004-20240802-en

raccoon 51aff6e9402ba30682487f3dfa017fcf discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

51aff6e9402ba30682487f3dfa017fcf

C2

http://195.20.16.155:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf
- Size
  
  3.0MB
- MD5
  
  87a2c8c458d663ea2a1048d14322af1f
- SHA1
  
  0d959d98ebc089302e39263ba67e318d5cf30a91
- SHA256
  
  3bb302253b249b71b5ddcbb788fe9fdda21be8c7575cc145262e9de161e21baf
- SHA512
  
  335acd96043d29fe2a0536c2f10c0804f0752b455326bd9ddfb518a5403c83a2ff38b352c80a1cda052b72b93581d4953f487e54a9470476d6d76f3abfab92eb
- SSDEEP
  
  24576:WUz+4cv3r+ys6rm4xEJ2DU4yHcEUVFmCDjanwtTP:W/zv3r+y3EgVyHVCDjOwp
Score

10^/10

raccoon 51aff6e9402ba30682487f3dfa017fcf discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon51aff6e9402ba30682487f3dfa017fcfdiscoverystealer

behavioral2

raccoon51aff6e9402ba30682487f3dfa017fcfdiscoverystealer

© 2018-2025

Terms | Privacy