Overview

overview

10

Static

static

3

bf6e1e17b6...18.exe

windows7-x64

10

bf6e1e17b6...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-08-2024 21:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf6e1e17b6afd813f73c7cffd16eb778_JaffaCakes118.exe

  • Size

    467KB

  • MD5

    bf6e1e17b6afd813f73c7cffd16eb778

  • SHA1

    017522977cbe8f44e829dfade75b22d161574695

  • SHA256

    7116331436a96122d32c8dbfef9c7e78b5f1c3084b03105626f2ce4b8a5235eb

  • SHA512

    3a49b43e6b5e3c4680f84d766a057a042b5f3bbfca19eafa931d7ac48f1f798f626042d61f2a7f6d8a2143c7e915f72a6bb2bd6d87e58dabf75ca0ab021fccb0

  • SSDEEP

    12288:ceBEpbPCsM/bHQY49wkpvjQC3rq8I/Zf3Yjnb9we3yNwacdXu:IKbwD95jT0NkBwe3zr

Score
10/10
raccoon5b9507f31300da17ee8b8729dce2bce0de872f9ediscoverystealer

Malware Config

Extracted

Family

raccoon

Botnet

5b9507f31300da17ee8b8729dce2bce0de872f9e

Attributes
  • url4cnc

    https://telete.in/j_1hannibal

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 5 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf6e1e17b6afd813f73c7cffd16eb778_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bf6e1e17b6afd813f73c7cffd16eb778_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4336-1-0x0000000004FB0000-0x00000000050B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4336-2-0x0000000006AE0000-0x0000000006B70000-memory.dmp

    Filesize

    576KB

    Download

  • memory/4336-3-0x0000000000400000-0x0000000000493000-memory.dmp

    Filesize

    588KB

    Download

  • memory/4336-4-0x0000000004FB0000-0x00000000050B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4336-6-0x0000000006AE0000-0x0000000006B70000-memory.dmp

    Filesize

    576KB

    Download

  • memory/4336-5-0x0000000000400000-0x0000000004DF1000-memory.dmp

    Filesize

    73.9MB

    Download

  • memory/4336-7-0x0000000000400000-0x0000000000493000-memory.dmp

    Filesize

    588KB

    Download