Resubmissions

30-11-2024 13:11

241130-qfbnasyper 10

06-10-2024 15:16

241006-snzffaveme 10

24-08-2024 15:38

240824-s231sayemk 10

24-08-2024 05:47

240824-ghd2rsxfrq 10

General

  • Target

    be01323b80fba9b067b964f32fb09b79_JaffaCakes118

  • Size

    541KB

  • Sample

    241130-qfbnasyper

  • MD5

    be01323b80fba9b067b964f32fb09b79

  • SHA1

    3cab41e92e0c6b2cc63e53f7e55b22db566d000a

  • SHA256

    1e89e268686b120ae6e58ebfc87c5a532d227a54c35bc3b01ed1b992503f64e2

  • SHA512

    73fa1a25fa7fccaa874d0f5e450870d93e1710991057e3af423b6b7089f30b046959e7f6f85a0e2c53b6d936b91141b4b33dcbaa676b9489e98c6bdd8d0df871

  • SSDEEP

    12288:HoHoQ2Akjmwt0+jFHCQ3cnXJ9sMuzxp6L:HOoI2mwt0+jd2nsL36L

Malware Config

Extracted

Family

raccoon

Version

1.8.2

Botnet

e672747afc67feb221ca60f8fc9e03adcf10f038

Attributes
  • url4cnc

    http://teletop.top/youyouhell0world

    http://teleta.top/youyouhell0world

    https://t.me/youyouhell0world

rc4.plain
rc4.plain

Targets

    • Target

      be01323b80fba9b067b964f32fb09b79_JaffaCakes118

    • Size

      541KB

    • MD5

      be01323b80fba9b067b964f32fb09b79

    • SHA1

      3cab41e92e0c6b2cc63e53f7e55b22db566d000a

    • SHA256

      1e89e268686b120ae6e58ebfc87c5a532d227a54c35bc3b01ed1b992503f64e2

    • SHA512

      73fa1a25fa7fccaa874d0f5e450870d93e1710991057e3af423b6b7089f30b046959e7f6f85a0e2c53b6d936b91141b4b33dcbaa676b9489e98c6bdd8d0df871

    • SSDEEP

      12288:HoHoQ2Akjmwt0+jFHCQ3cnXJ9sMuzxp6L:HOoI2mwt0+jd2nsL36L

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

MITRE ATT&CK Enterprise v15

Tasks