raccoon | 0a8f1750737d597996bd2f9e76a3dfe0c5ffaf5bfc22517e17b8bff65895a8b5 | Triage

Submit
Reports

Overview

overview

Static

static

3

fc1c49ff72...18.exe

windows7-x64

fc1c49ff72...18.exe

windows10-2004-x64

Sharing

General

Target

fc1c49ff720f627a9cc22fadd659a321_JaffaCakes118
Size

390KB
Sample

240928-mmbp4atcpg
MD5

fc1c49ff720f627a9cc22fadd659a321
SHA1

5f6a8e180bef8fcdefcfc709904c40b8c1489d8a
SHA256

0a8f1750737d597996bd2f9e76a3dfe0c5ffaf5bfc22517e17b8bff65895a8b5
SHA512

38a142e3d0a0b9f8cf26cc7ac69b4f80c52a1ebc91ca6442643427fc04e772cb7645a9b73cb37469d3950295bb51383fe5e33d9e4adb36ad9d57c2ce395beccf
SSDEEP

6144:hBxMuWIwYAE6Y59w/T0YTA5eAcZexS2941WgMwRK5xE6885+vkxdC/MAcVDiI6t4:JMxjA61/TRJAcZQSiXKKcWVlsI

Score

10^/10

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fc1c49ff720f627a9cc22fadd659a321_JaffaCakes118.exe

Resource

win7-20240903-en

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc1c49ff720f627a9cc22fadd659a321_JaffaCakes118.exe

Resource

win10v2004-20240802-en

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.2

Botnet

9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab

Attributes

url4cnc
https://telete.in/jagressor_kz

rc4.plain

rc4.plain

Targets

- Target
  
  fc1c49ff720f627a9cc22fadd659a321_JaffaCakes118
- Size
  
  390KB
- MD5
  
  fc1c49ff720f627a9cc22fadd659a321
- SHA1
  
  5f6a8e180bef8fcdefcfc709904c40b8c1489d8a
- SHA256
  
  0a8f1750737d597996bd2f9e76a3dfe0c5ffaf5bfc22517e17b8bff65895a8b5
- SHA512
  
  38a142e3d0a0b9f8cf26cc7ac69b4f80c52a1ebc91ca6442643427fc04e772cb7645a9b73cb37469d3950295bb51383fe5e33d9e4adb36ad9d57c2ce395beccf
- SSDEEP
  
  6144:hBxMuWIwYAE6Y59w/T0YTA5eAcZexS2941WgMwRK5xE6885+vkxdC/MAcVDiI6t4:JMxjA61/TRJAcZQSiXKKcWVlsI
Score

10^/10

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon9ba64f4b6fe448911470a88f09d6e7d5b92ff0abdiscoverystealer

behavioral2

raccoon9ba64f4b6fe448911470a88f09d6e7d5b92ff0abdiscoverystealer

© 2018-2024

Terms | Privacy