Overview

overview

10

Static

static

3

3196cfb0c2...18.exe

windows7-x64

10

3196cfb0c2...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3196cfb0c2d6a63acf05eb1dbebd4820_JaffaCakes118

  • Size

    543KB

  • Sample

    241010-ynwmfatepg

  • MD5

    3196cfb0c2d6a63acf05eb1dbebd4820

  • SHA1

    d2287f49ee59cfb0d7e03b20ff53db26f8670e72

  • SHA256

    725fa4daee6261e5592a71c3d6c7dc45da73246bb998902556e01d00ed9996ed

  • SHA512

    9ba2d7e2ea95babd0168e8276ff8c8958e5bb42235bda1f88a8c7f239a369269488fcc26c2cab7badd68d046e7910e67a23afc6b3a6ae4875767926043528fc5

  • SSDEEP

    12288:EzpEEq3prztTIO7eAz0q4dQN0cGc+v+6LFh:EVQ3pr9nDgQN0TfvLLFh

Score
10/10
raccoon5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4discoverystealer

Malware Config

Extracted

Family

raccoon

Version

1.8.1

Botnet

5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4

Attributes
  • url4cnc

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      3196cfb0c2d6a63acf05eb1dbebd4820_JaffaCakes118

    • Size

      543KB

    • MD5

      3196cfb0c2d6a63acf05eb1dbebd4820

    • SHA1

      d2287f49ee59cfb0d7e03b20ff53db26f8670e72

    • SHA256

      725fa4daee6261e5592a71c3d6c7dc45da73246bb998902556e01d00ed9996ed

    • SHA512

      9ba2d7e2ea95babd0168e8276ff8c8958e5bb42235bda1f88a8c7f239a369269488fcc26c2cab7badd68d046e7910e67a23afc6b3a6ae4875767926043528fc5

    • SSDEEP

      12288:EzpEEq3prztTIO7eAz0q4dQN0cGc+v+6LFh:EVQ3pr9nDgQN0TfvLLFh

    Score
    10/10
    raccoon5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4discoverystealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer V1 payload

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks