raccoon | e391c466c3b83127d5372e12868d5791763c07e13b693739b2156c74878ff7ce | Triage

Submit
Reports

Overview

overview

Static

static

3

3e7ab40925...18.exe

windows7-x64

3e7ab40925...18.exe

windows10-2004-x64

Sharing

General

Target

3e7ab409251e393090044739fb45da0f_JaffaCakes118
Size

1.4MB
Sample

241013-hyz5lsyepk
MD5

3e7ab409251e393090044739fb45da0f
SHA1

59b44982386a444bc6341dbd6b89579edffb8bec
SHA256

e391c466c3b83127d5372e12868d5791763c07e13b693739b2156c74878ff7ce
SHA512

01457eb69acf3fd996debb4ef8b535ebd79addb8b2040011e7b5d75587cbc7975aa280b22268e4a79fa4731883e499e314e3c535d7d44f48208d9d33a8ad27a3
SSDEEP

24576:j9yStzEkEW2+gL9tTG4r2231883FZjyKWhuTfur:jc6ETLT7t318SF1yjhuTfur

Score

10^/10

raccoon c524886d28411e80660e573d1de51f17556d70f6 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3e7ab409251e393090044739fb45da0f_JaffaCakes118.exe

Resource

win7-20240903-en

raccoon c524886d28411e80660e573d1de51f17556d70f6 discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e7ab409251e393090044739fb45da0f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

raccoon c524886d28411e80660e573d1de51f17556d70f6 discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.8.1

Botnet

c524886d28411e80660e573d1de51f17556d70f6

Attributes

url4cnc
https://t.me/hobabastrepsils

rc4.plain

rc4.plain

Targets

- Target
  
  3e7ab409251e393090044739fb45da0f_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  3e7ab409251e393090044739fb45da0f
- SHA1
  
  59b44982386a444bc6341dbd6b89579edffb8bec
- SHA256
  
  e391c466c3b83127d5372e12868d5791763c07e13b693739b2156c74878ff7ce
- SHA512
  
  01457eb69acf3fd996debb4ef8b535ebd79addb8b2040011e7b5d75587cbc7975aa280b22268e4a79fa4731883e499e314e3c535d7d44f48208d9d33a8ad27a3
- SSDEEP
  
  24576:j9yStzEkEW2+gL9tTG4r2231883FZjyKWhuTfur:jc6ETLT7t318SF1yjhuTfur
Score

10^/10

raccoon c524886d28411e80660e573d1de51f17556d70f6 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonc524886d28411e80660e573d1de51f17556d70f6discoverystealer

behavioral2

raccoonc524886d28411e80660e573d1de51f17556d70f6discoverystealer

© 2018-2024

Terms | Privacy