raccoon | c98d20df81567c0b314ba81bb8deb937eb385eccc352fa61258c58800d53a3d6 | Triage

Submit
Reports

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.6MB
Sample

240913-pq62hs1fqh
MD5

a11d579c5bd5589c82fcf263519b038a
SHA1

8b728cd41c9e43122228ee58f890ecad1db20b82
SHA256

c98d20df81567c0b314ba81bb8deb937eb385eccc352fa61258c58800d53a3d6
SHA512

36bb6b900a43df3f4b003fa50e7d1e228eb3e9e4fdfdfb11dc6710cc618b8999a4703e9cf702ee4acdc67ea93aa1e5654d9a3eb2923514ac92c928e3829798ee
SSDEEP

24576:XBS5YMxUU0jQApp/rGCOVCFZ/Jb4m8W2uX75U/yj0yfFLXh1mnOWqZ:XBS5YMxwL/pUa5/n2urK/YV9R1iOW

Score

10^/10

raccoon 4e847b07368a85ebd0a57e614b4bffb9 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20240903-en

raccoon 4e847b07368a85ebd0a57e614b4bffb9 discovery stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20240802-en

raccoon 4e847b07368a85ebd0a57e614b4bffb9 discovery stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

4e847b07368a85ebd0a57e614b4bffb9

C2

https://192.153.57.177:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  file.exe
- Size
  
  1.6MB
- MD5
  
  a11d579c5bd5589c82fcf263519b038a
- SHA1
  
  8b728cd41c9e43122228ee58f890ecad1db20b82
- SHA256
  
  c98d20df81567c0b314ba81bb8deb937eb385eccc352fa61258c58800d53a3d6
- SHA512
  
  36bb6b900a43df3f4b003fa50e7d1e228eb3e9e4fdfdfb11dc6710cc618b8999a4703e9cf702ee4acdc67ea93aa1e5654d9a3eb2923514ac92c928e3829798ee
- SSDEEP
  
  24576:XBS5YMxUU0jQApp/rGCOVCFZ/Jb4m8W2uX75U/yj0yfFLXh1mnOWqZ:XBS5YMxwL/pUa5/n2urK/YV9R1iOW
Score

10^/10

raccoon 4e847b07368a85ebd0a57e614b4bffb9 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon4e847b07368a85ebd0a57e614b4bffb9discoverystealer

behavioral2

raccoon4e847b07368a85ebd0a57e614b4bffb9discoverystealer

© 2018-2024

Terms | Privacy