General

  • Target

    d150af36f2f3491f0c5f494a955cbd3a_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240907-hjlzfazhjg

  • MD5

    d150af36f2f3491f0c5f494a955cbd3a

  • SHA1

    985e5116c2236240339502e3473e5dc7a1345b30

  • SHA256

    adb4772d8d5f9ede7d8b52b1beb66db50b616e97d30231290240dbd9cda75b3e

  • SHA512

    33e14c7fd573853341eaaa5c222e441c21d21ad925d031ed7dd1db7fa25eb30af5995797c3f016dee28f99b15adb84c542cb0e7485be7d17a51afc65694bd101

  • SSDEEP

    49152:if9Q234inibHWwqq8tRcFcQXoXxxqO9zt1f5f0O:q9Q234bbe1yO

Malware Config

Extracted

Family

raccoon

Botnet

d0d8f0c05443081efeb9aa7979b1b9207fcc6052

Attributes

  • url4cnc

    https://drive.google.com/uc?export=download&id=1EBSoPDLupsO6YQpzXcIO7q-Fk8VXBPgi

rc4.plain

Targets

    • Target

      d150af36f2f3491f0c5f494a955cbd3a_JaffaCakes118

    • Size

      2.0MB

    • MD5

      d150af36f2f3491f0c5f494a955cbd3a

    • SHA1

      985e5116c2236240339502e3473e5dc7a1345b30

    • SHA256

      adb4772d8d5f9ede7d8b52b1beb66db50b616e97d30231290240dbd9cda75b3e

    • SHA512

      33e14c7fd573853341eaaa5c222e441c21d21ad925d031ed7dd1db7fa25eb30af5995797c3f016dee28f99b15adb84c542cb0e7485be7d17a51afc65694bd101

    • SSDEEP

      49152:if9Q234inibHWwqq8tRcFcQXoXxxqO9zt1f5f0O:q9Q234bbe1yO

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks