raccoon | 5e11ca103543381353beac9daac75beb13a4186fa3470bf90550ee6467270a66 | Triage

Submit
Reports

Overview

overview

Static

static

3

bc6bcd6e66...18.exe

windows7-x64

bc6bcd6e66...18.exe

windows10-2004-x64

Sharing

General

Target

bc6bcd6e668a744fa25be36f93ac75bf_JaffaCakes118
Size

2.0MB
Sample

240823-tjytsawfrm
MD5

bc6bcd6e668a744fa25be36f93ac75bf
SHA1

1411e702d2d14e2578cb1e6bfc70c1d42cc80bf2
SHA256

5e11ca103543381353beac9daac75beb13a4186fa3470bf90550ee6467270a66
SHA512

4661268826802f6c0ec6da09b5a9e5c438512d0a16ccc12019d6d119f4dce24c1577321065556051f5fec78864ecab85dc3ee6d74d191738becb80030018b83b
SSDEEP

24576:YQEPpjUP3w7Mq58T+iF0GipV8s+4VHxFLjaTEAeVrM+vh8uyMGAksuqmd554qXg+:HElhL6zKU

Score

10^/10

raccoon 84a0473aa057ac59fcf77c033b94de2636469af7 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bc6bcd6e668a744fa25be36f93ac75bf_JaffaCakes118.exe

Resource

win7-20240729-en

raccoon 84a0473aa057ac59fcf77c033b94de2636469af7 discovery stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

bc6bcd6e668a744fa25be36f93ac75bf_JaffaCakes118.exe

Resource

win10v2004-20240802-en

raccoon 84a0473aa057ac59fcf77c033b94de2636469af7 discovery stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.8.2

Botnet

84a0473aa057ac59fcf77c033b94de2636469af7

Attributes

url4cnc
http://teletop.top/viva2hocuspokus

http://teleta.top/viva2hocuspokus

https://t.me/viva2hocuspokus

rc4.plain

rc4.plain

Targets

- Target
  
  bc6bcd6e668a744fa25be36f93ac75bf_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  bc6bcd6e668a744fa25be36f93ac75bf
- SHA1
  
  1411e702d2d14e2578cb1e6bfc70c1d42cc80bf2
- SHA256
  
  5e11ca103543381353beac9daac75beb13a4186fa3470bf90550ee6467270a66
- SHA512
  
  4661268826802f6c0ec6da09b5a9e5c438512d0a16ccc12019d6d119f4dce24c1577321065556051f5fec78864ecab85dc3ee6d74d191738becb80030018b83b
- SSDEEP
  
  24576:YQEPpjUP3w7Mq58T+iF0GipV8s+4VHxFLjaTEAeVrM+vh8uyMGAksuqmd554qXg+:HElhL6zKU
Score

10^/10

raccoon 84a0473aa057ac59fcf77c033b94de2636469af7 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon84a0473aa057ac59fcf77c033b94de2636469af7discoverystealer

behavioral2

raccoon84a0473aa057ac59fcf77c033b94de2636469af7discoverystealer

© 2018-2024

Terms | Privacy