General

  • Target

    dac8ee3a0aae52a2e9b5bbf307606966c5174651391cf573a7af72c4a0eb2569.exe

  • Size

    513KB

  • Sample

    241120-zy3zyatkgt

  • MD5

    ee9b26fbb31bdfe4a8f580e2d9b7d456

  • SHA1

    b7db67aa207ec71aa3585c9ea24df7feaf5f33f6

  • SHA256

    dac8ee3a0aae52a2e9b5bbf307606966c5174651391cf573a7af72c4a0eb2569

  • SHA512

    22014d742f767209248837f1d76fea84d0195793fdfc54eb9a506f6e428dd77aa1fcb78ce594a026b30206ea31043079dc768ef17c62ad618e5b329dc4d6441d

  • SSDEEP

    12288:QFwCxfP1WYfrLD4oCOeOzp2md5lFOAxDW:IV18YXz/cMFOAA

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain

Targets

    • Target

      dac8ee3a0aae52a2e9b5bbf307606966c5174651391cf573a7af72c4a0eb2569.exe

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family
