raccoon | 8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabb | Triage

Submit
Reports

Overview

overview

Static

static

1

NEAS.8ba0b...JC.exe

windows7-x64

NEAS.8ba0b...JC.exe

windows10-2004-x64

Sharing

General

Target

NEAS.8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabbexe_JC.exe
Size

8.6MB
Sample

241105-1dktas1qar
MD5

c451a852788a27f30b7ad22a17e106a3
SHA1

4ef303ab3fbe365077f489409104673e71c741b4
SHA256

8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabb
SHA512

1155e9272f3b48b1d841c29286b3b235a664dab9ce692b7a7827b04d5d96adc20dff91ac97ccd06fab73d443546b87ec2fae98fa90dac0dcf39f71a06b4e5344
SSDEEP

196608:IZ73NmtPw6dFZNTRn4tNmtPw6dFZNTBVRO2nLBzMRr/:It30d3Zr4t0d3Z3O21MRL

Score

10^/10

raccoon 66abb93700da7ce4fb9f52da912f5cf3 discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

NEAS.8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabbexe_JC.exe

Resource

win7-20240903-en

raccoon 66abb93700da7ce4fb9f52da912f5cf3 discovery stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabbexe_JC.exe

Resource

win10v2004-20241007-en

raccoon 66abb93700da7ce4fb9f52da912f5cf3 discovery stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

66abb93700da7ce4fb9f52da912f5cf3

C2

http://45.61.138.198:80/

Attributes

user_agent
SunShineMoonLight

xor.plain

Targets

- Target
  
  NEAS.8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabbexe_JC.exe
- Size
  
  8.6MB
- MD5
  
  c451a852788a27f30b7ad22a17e106a3
- SHA1
  
  4ef303ab3fbe365077f489409104673e71c741b4
- SHA256
  
  8ba0b135c0f49d0f5728abf76685df7106c3ac2532b604123a34a238102cdabb
- SHA512
  
  1155e9272f3b48b1d841c29286b3b235a664dab9ce692b7a7827b04d5d96adc20dff91ac97ccd06fab73d443546b87ec2fae98fa90dac0dcf39f71a06b4e5344
- SSDEEP
  
  196608:IZ73NmtPw6dFZNTRn4tNmtPw6dFZNTBVRO2nLBzMRr/:It30d3Zr4t0d3Z3O21MRL
Score

10^/10

raccoon 66abb93700da7ce4fb9f52da912f5cf3 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon66abb93700da7ce4fb9f52da912f5cf3discoverystealer

behavioral2

raccoon66abb93700da7ce4fb9f52da912f5cf3discoverystealer

© 2018-2024

Terms | Privacy