raccoon | 35bac5ac8372c7cd7303ae2aebcd4f5eb4f93fc6e32f176880dbaf39103cea76 | Triage

Sharing

General

Target

35bac5ac8372c7cd7303ae2aebcd4f5eb4f93fc6e32f176880dbaf39103cea76.exe
Size

97KB
Sample

241018-xw7t1avhqn
MD5

0cf5248f76f6e1b9d4763637912ec294
SHA1

704d60826304fd84bcd9c6409b331924dccdd221
SHA256

35bac5ac8372c7cd7303ae2aebcd4f5eb4f93fc6e32f176880dbaf39103cea76
SHA512

ea036ec10b21020f67bbf416469068805945d620aeafc33ecdc7f243c1e1ce5b328f1bf503156ea2a365d342497a4edea28ee5ba30795d6110e954bb6ee458bc
SSDEEP

3072:VANfQKMuflyKX9FBFya6mob2lSL6RJ//5O:60O9FBn6pb+VRJ/

Score

10^/10

raccoon b4cfd0fa7c4b8a4d162d2430b547b9f8 discovery

Malware Config

Extracted

Family

raccoon

Botnet

b4cfd0fa7c4b8a4d162d2430b547b9f8

C2

http://91.92.246.197:80/

http://91.92.246.200:80/

Attributes

user_agent
SunShineMoonLight

xor.plain

Targets

- Target
  
  35bac5ac8372c7cd7303ae2aebcd4f5eb4f93fc6e32f176880dbaf39103cea76.exe
- Size
  
  97KB
- MD5
  
  0cf5248f76f6e1b9d4763637912ec294
- SHA1
  
  704d60826304fd84bcd9c6409b331924dccdd221
- SHA256
  
  35bac5ac8372c7cd7303ae2aebcd4f5eb4f93fc6e32f176880dbaf39103cea76
- SHA512
  
  ea036ec10b21020f67bbf416469068805945d620aeafc33ecdc7f243c1e1ce5b328f1bf503156ea2a365d342497a4edea28ee5ba30795d6110e954bb6ee458bc
- SSDEEP
  
  3072:VANfQKMuflyKX9FBFya6mob2lSL6RJ//5O:60O9FBn6pb+VRJ/
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

b4cfd0fa7c4b8a4d162d2430b547b9f8raccoon

behavioral1

behavioral2