raccoon | fe7c9093446f4bdd5cf993e91b0a6c42780cfac8d4d71dfdbb3c565e633f767f | Triage

Submit
Reports

Overview

overview

Static

static

3

efe92ca1be...18.exe

windows7-x64

efe92ca1be...18.exe

windows10-2004-x64

Sharing

General

Target

efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118
Size

615KB
Sample

240921-qxr2lsvfkj
MD5

efe92ca1be0addb4fc98740c3433e6b8
SHA1

571ce44d048685634d3c80254fbd05f6951bf35b
SHA256

fe7c9093446f4bdd5cf993e91b0a6c42780cfac8d4d71dfdbb3c565e633f767f
SHA512

b6fbf86607ba6aa648b29c74bb3fef34c32894c1aa7bdf79aad0849572f74199528b2c58e3a550897b0805745cb38bf3b4da59dc0d2adb216bc6e29918cf5449
SSDEEP

12288:MIWNUtkWj/SVSuArvtADZv3ElWnVuL9h1pBQG2Rb6Ftr9roPr:oUt1j/n91A1vLnVuLDBIpyV9ro

Score

10^/10

raccoon 843df8e07013ab494bdde13887b781a28c18cfec discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118.exe

Resource

win7-20240903-en

raccoon 843df8e07013ab494bdde13887b781a28c18cfec discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118.exe

Resource

win10v2004-20240802-en

raccoon 843df8e07013ab494bdde13887b781a28c18cfec discovery stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

843df8e07013ab494bdde13887b781a28c18cfec

Attributes

url4cnc
https://drive.google.com/uc?export=download&id=1-0SEcuREucC1-k5HBGE8sGu9Fz1AExrZ

rc4.plain

rc4.plain

Targets

- Target
  
  efe92ca1be0addb4fc98740c3433e6b8_JaffaCakes118
- Size
  
  615KB
- MD5
  
  efe92ca1be0addb4fc98740c3433e6b8
- SHA1
  
  571ce44d048685634d3c80254fbd05f6951bf35b
- SHA256
  
  fe7c9093446f4bdd5cf993e91b0a6c42780cfac8d4d71dfdbb3c565e633f767f
- SHA512
  
  b6fbf86607ba6aa648b29c74bb3fef34c32894c1aa7bdf79aad0849572f74199528b2c58e3a550897b0805745cb38bf3b4da59dc0d2adb216bc6e29918cf5449
- SSDEEP
  
  12288:MIWNUtkWj/SVSuArvtADZv3ElWnVuL9h1pBQG2Rb6Ftr9roPr:oUt1j/n91A1vLnVuLDBIpyV9ro
Score

10^/10

raccoon 843df8e07013ab494bdde13887b781a28c18cfec discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon843df8e07013ab494bdde13887b781a28c18cfecdiscoverystealer

behavioral2

raccoon843df8e07013ab494bdde13887b781a28c18cfecdiscoverystealer

© 2018-2024

Terms | Privacy