raccoon | 22d051ccc836061b416f4313e7d80a4a7ebd7ccddd98e76e237c77d7acc448bf | Triage

Submit
Reports

Overview

overview

Static

static

1

8172b1295e...18.exe

windows7-x64

8172b1295e...18.exe

windows10-2004-x64

Sharing

General

Target

8172b1295e56e6a4bf1be0ef039f590d_JaffaCakes118
Size

1.3MB
Sample

241031-d2ekvsxlh1
MD5

8172b1295e56e6a4bf1be0ef039f590d
SHA1

2bd1738668ccf437d911767aa1ef405e1517fbf7
SHA256

22d051ccc836061b416f4313e7d80a4a7ebd7ccddd98e76e237c77d7acc448bf
SHA512

3ca699cd1a52ff81d75a99fa6ad1818658a9740498c05bd7cfb713ece09e7fe685de4454787e41453b2715b5da24d5e5d33b049f555c92285a46a55d19d6f893
SSDEEP

24576:5EEpLWGqTHBuqCN3B0cwFCZXhmmvAo4UaaELxnM8yDB+VQB3Zb5PeSCfGq/W7S:vHeuqk3D7hIo5alFLy0eB3Zb5e4qZ

Score

10^/10

raccoon 002b30883c17c8f88409e64eae3f78a3799090e4 discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

8172b1295e56e6a4bf1be0ef039f590d_JaffaCakes118.exe

Resource

win7-20240903-en

raccoon 002b30883c17c8f88409e64eae3f78a3799090e4 discovery stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

8172b1295e56e6a4bf1be0ef039f590d_JaffaCakes118.exe

Resource

win10v2004-20241007-en

raccoon 002b30883c17c8f88409e64eae3f78a3799090e4 discovery stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

002b30883c17c8f88409e64eae3f78a3799090e4

Attributes

url4cnc
https://telete.in/uisqrazdvatri

rc4.plain

rc4.plain

Targets

- Target
  
  8172b1295e56e6a4bf1be0ef039f590d_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  8172b1295e56e6a4bf1be0ef039f590d
- SHA1
  
  2bd1738668ccf437d911767aa1ef405e1517fbf7
- SHA256
  
  22d051ccc836061b416f4313e7d80a4a7ebd7ccddd98e76e237c77d7acc448bf
- SHA512
  
  3ca699cd1a52ff81d75a99fa6ad1818658a9740498c05bd7cfb713ece09e7fe685de4454787e41453b2715b5da24d5e5d33b049f555c92285a46a55d19d6f893
- SSDEEP
  
  24576:5EEpLWGqTHBuqCN3B0cwFCZXhmmvAo4UaaELxnM8yDB+VQB3Zb5PeSCfGq/W7S:vHeuqk3D7hIo5alFLy0eB3Zb5e4qZ
Score

10^/10

raccoon 002b30883c17c8f88409e64eae3f78a3799090e4 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Raccoon family
  raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon002b30883c17c8f88409e64eae3f78a3799090e4discoverystealer

behavioral2

raccoon002b30883c17c8f88409e64eae3f78a3799090e4discoverystealer

© 2018-2024

Terms | Privacy