raccoon | fa6b29b3dc5d47fd549c0cde37077d1b6cb9cfa888ee8923dd3f14c048cf9853 | Triage

Sharing

General

Target

fa6b29b3dc5d47fd549c0cde37077d1b6cb9cfa888ee8923dd3f14c048cf9853.exe
Size

82KB
Sample

241124-weq99axpaq
MD5

9cd819d1b2a5ed0a600b40ff3dc87fc2
SHA1

9ed2b3ebbb39ba4b0ff61f8860361f8d7b3a8758
SHA256

fa6b29b3dc5d47fd549c0cde37077d1b6cb9cfa888ee8923dd3f14c048cf9853
SHA512

38f2e666c7983ddffcfd305600b57629ff365657abacdf6876502355b2ea53cdc7ee84fd8aefbb2eb32063f4ce50b55185aca259b64c4f2b974c475f0b8ae277
SSDEEP

1536:ARLNQIfcBuof7xJPYuPfwO3dL7C5aq5v+E/LtRWIOQqzMo7BlQdHrS5:ULN3Iuof7TY44O3dL71KRRzOBfsdHe

Score

10^/10

raccoon 026a5795a867a184e82f15f57faab366 discovery

Malware Config

Extracted

Family

raccoon

Botnet

026a5795a867a184e82f15f57faab366

C2

http://193.233.132.12:80/

http://31.192.237.23:80/

Attributes

user_agent
SouthSide

xor.plain

Targets

- Target
  
  fa6b29b3dc5d47fd549c0cde37077d1b6cb9cfa888ee8923dd3f14c048cf9853.exe
- Size
  
  82KB
- MD5
  
  9cd819d1b2a5ed0a600b40ff3dc87fc2
- SHA1
  
  9ed2b3ebbb39ba4b0ff61f8860361f8d7b3a8758
- SHA256
  
  fa6b29b3dc5d47fd549c0cde37077d1b6cb9cfa888ee8923dd3f14c048cf9853
- SHA512
  
  38f2e666c7983ddffcfd305600b57629ff365657abacdf6876502355b2ea53cdc7ee84fd8aefbb2eb32063f4ce50b55185aca259b64c4f2b974c475f0b8ae277
- SSDEEP
  
  1536:ARLNQIfcBuof7xJPYuPfwO3dL7C5aq5v+E/LtRWIOQqzMo7BlQdHrS5:ULN3Iuof7TY44O3dL71KRRzOBfsdHe
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

026a5795a867a184e82f15f57faab366raccoon

behavioral1

behavioral2