General

  • Target

    fde80c40258088be97efdc3c64bd85637a4ca4ad580c1542c001d50d10a09c97

  • Size

    491KB

  • Sample

    241105-1rs2tszerj

  • MD5

    b713197714faacaf16f0a7a3c2dd09fe

  • SHA1

    4f19a9666536c695d8d99ab7745c2bf7a543feda

  • SHA256

    fde80c40258088be97efdc3c64bd85637a4ca4ad580c1542c001d50d10a09c97

  • SHA512

    4ba7a836ace16cfd56855896ba0e06a1eb7ded68a2d0c605ef99acf975ab220364f3f3f8847a22085b34d1c0a09adaefdebfafeca49fc72524daf40cd0455ee7

  • SSDEEP

    12288:gYbP2dcxBJ81d0WlpNlLrTOshx4UnTOt4olSZVvTFlm4ng:gYD2dkJ8EypNlT7at7MjTrmeg

Malware Config

Extracted

Family

raccoon

Botnet

9ba1f879f3182979679fa30656cee429b805c305

Attributes
  • url4cnc

    https://drive.google.com/uc?export=download&id=1pUWmCbujh0yvDe5ZlIK_MaTlnav6DHvP

rc4.plain

Targets

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family

    • Legitimate hosting services abused for malware hosting/C2
