General

  • Target

    4e4122121f0f3a009416fbd1f98583d0dda1cfd6b1d56e1a8f8b160626004a9f.exe

  • Size

    512KB

  • Sample

    241121-ftz8pszcrj

  • MD5

    1a7dea0d24ce41cde8fcf84824aa3c41

  • SHA1

    ca74c948d601facb6804d2d57ecb8aec2be23be5

  • SHA256

    4e4122121f0f3a009416fbd1f98583d0dda1cfd6b1d56e1a8f8b160626004a9f

  • SHA512

    a4a21a75bb046795859f9b16e94cfab1561fd69165c1eecf1b193a46aa54a895ee01c4b9c84228fc3b62e86b0b1fd537c50412e5c0a93d1fb933f48fe6bff197

  • SSDEEP

    12288:oDykdg0C7FpRIRfxzl72hef1vDs6ob0fqMcjgSunrCAb6nk/:oekdu7NIR9whef1vDRVSVerOk/

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes

  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

  • rc4.plain

Targets

    • Target

      4e4122121f0f3a009416fbd1f98583d0dda1cfd6b1d56e1a8f8b160626004a9f.exe

    • Size

      512KB

    • MD5

      1a7dea0d24ce41cde8fcf84824aa3c41

    • SHA1

      ca74c948d601facb6804d2d57ecb8aec2be23be5

    • SHA256

      4e4122121f0f3a009416fbd1f98583d0dda1cfd6b1d56e1a8f8b160626004a9f

    • SHA512

      a4a21a75bb046795859f9b16e94cfab1561fd69165c1eecf1b193a46aa54a895ee01c4b9c84228fc3b62e86b0b1fd537c50412e5c0a93d1fb933f48fe6bff197

    • SSDEEP

      12288:oDykdg0C7FpRIRfxzl72hef1vDs6ob0fqMcjgSunrCAb6nk/:oekdu7NIR9whef1vDRVSVerOk/

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

MITRE ATT&CK Enterprise v15

Tasks