raccoon | 03e2902442c6ab8ba4220b6d1b4844ddcfc88786fe29d839e9f99315b1b91999 | Triage

Submit
Reports

Overview

overview

Static

static

1

7fec7bcf4f...18.exe

windows7-x64

7fec7bcf4f...18.exe

windows10-2004-x64

Sharing

General

Target

7fec7bcf4fc833801cd4f98f5e7d8809_JaffaCakes118
Size

1.4MB
Sample

241030-tv8hcsymal
MD5

7fec7bcf4fc833801cd4f98f5e7d8809
SHA1

1f4eb19191fed3ca497a4451d69b4fbe63f55c7a
SHA256

03e2902442c6ab8ba4220b6d1b4844ddcfc88786fe29d839e9f99315b1b91999
SHA512

92aaeed8d2eb54d5ec1e1ee4c0733f90dd80fc32bb76da3e46393dcc6371129b2213875befa9875923d0a99b45ccdc58504ded7ea031e5cff8eb416152495022
SSDEEP

24576:AHptdXPcVH5lvPcl8z88P8XYHRjJIp2zDbZSK4JM4KWgoP01Q6mQykEUGvd+stbo:Ept38z7Pip2/bZCfKWb82QGvd+OkEasA

Score

10^/10

raccoon 95ddd68c501dee5af06b5d38a630c8c5e02817b3 discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

7fec7bcf4fc833801cd4f98f5e7d8809_JaffaCakes118.exe

Resource

win7-20240903-en

raccoon 95ddd68c501dee5af06b5d38a630c8c5e02817b3 discovery stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

7fec7bcf4fc833801cd4f98f5e7d8809_JaffaCakes118.exe

Resource

win10v2004-20241007-en

raccoon 95ddd68c501dee5af06b5d38a630c8c5e02817b3 discovery stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

95ddd68c501dee5af06b5d38a630c8c5e02817b3

Attributes

url4cnc
https://telete.in/jredmankun

rc4.plain

rc4.plain

Targets

- Target
  
  7fec7bcf4fc833801cd4f98f5e7d8809_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  7fec7bcf4fc833801cd4f98f5e7d8809
- SHA1
  
  1f4eb19191fed3ca497a4451d69b4fbe63f55c7a
- SHA256
  
  03e2902442c6ab8ba4220b6d1b4844ddcfc88786fe29d839e9f99315b1b91999
- SHA512
  
  92aaeed8d2eb54d5ec1e1ee4c0733f90dd80fc32bb76da3e46393dcc6371129b2213875befa9875923d0a99b45ccdc58504ded7ea031e5cff8eb416152495022
- SSDEEP
  
  24576:AHptdXPcVH5lvPcl8z88P8XYHRjJIp2zDbZSK4JM4KWgoP01Q6mQykEUGvd+stbo:Ept38z7Pip2/bZCfKWb82QGvd+OkEasA
Score

10^/10

raccoon 95ddd68c501dee5af06b5d38a630c8c5e02817b3 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Raccoon family
  raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon95ddd68c501dee5af06b5d38a630c8c5e02817b3discoverystealer

behavioral2

raccoon95ddd68c501dee5af06b5d38a630c8c5e02817b3discoverystealer

© 2018-2024

Terms | Privacy