raccoon | 5f58de2b173fd83131e50888e3d355290b24a1b51da3c05f9c975b1524983d30 | Triage

Submit
Reports

Overview

overview

Static

static

1

35d9aa284d...18.exe

windows7-x64

35d9aa284d...18.exe

windows10-2004-x64

Sharing

General

Target

35d9aa284dad273ae6ecc08992ffca84_JaffaCakes118
Size

1020KB
Sample

241011-vdm1rsxgpl
MD5

35d9aa284dad273ae6ecc08992ffca84
SHA1

5b98344c8d89ca2831f3b02debb886477ef29725
SHA256

5f58de2b173fd83131e50888e3d355290b24a1b51da3c05f9c975b1524983d30
SHA512

945dec522ae892f1dbbfb9536a8548c641babe126762bfe8e37da0972933a43e4e4dd37744e5f7ea953f7c2a059dac988114a2db10e7f9d4a1ec8b79d1b7d4eb
SSDEEP

24576:om4c3+VbG0AOOy8G+2PMpOYoYm+FArWQdk:tcs0lOw+2PMpOYo1AA

Score

10^/10

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

35d9aa284dad273ae6ecc08992ffca84_JaffaCakes118.exe

Resource

win7-20241010-en

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

35d9aa284dad273ae6ecc08992ffca84_JaffaCakes118.exe

Resource

win10v2004-20241007-en

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

d7b6e0cee1cd813ad40c812cf45171cf0360e249

Attributes

url4cnc
https://telete.in/mimipanera11

rc4.plain

rc4.plain

Targets

- Target
  
  35d9aa284dad273ae6ecc08992ffca84_JaffaCakes118
- Size
  
  1020KB
- MD5
  
  35d9aa284dad273ae6ecc08992ffca84
- SHA1
  
  5b98344c8d89ca2831f3b02debb886477ef29725
- SHA256
  
  5f58de2b173fd83131e50888e3d355290b24a1b51da3c05f9c975b1524983d30
- SHA512
  
  945dec522ae892f1dbbfb9536a8548c641babe126762bfe8e37da0972933a43e4e4dd37744e5f7ea953f7c2a059dac988114a2db10e7f9d4a1ec8b79d1b7d4eb
- SSDEEP
  
  24576:om4c3+VbG0AOOy8G+2PMpOYoYm+FArWQdk:tcs0lOw+2PMpOYo1AA
Score

10^/10

raccoon d7b6e0cee1cd813ad40c812cf45171cf0360e249 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoond7b6e0cee1cd813ad40c812cf45171cf0360e249discoverystealer

behavioral2

raccoond7b6e0cee1cd813ad40c812cf45171cf0360e249discoverystealer

© 2018-2024

Terms | Privacy