raccoon

Resubmissions

14-12-2024 11:27

241214-nkeveazpex 10

Sharing

Copy URL

Twitter E-mail

General

Target

Raccoon.Stealer.v2.sha.zip
Size

589KB
Sample

241214-nkeveazpex
MD5

0831d0df9d7696f6aed73600539cdb3f
SHA1

a36cc1fde961edc0de12a70235517fcb9d8fe930
SHA256

2b574142c27e20f6fd8a1285772104c9e13774631d3173f2eb825dae4a6ffe65
SHA512

8618a315967c12116503a711030c6c3c1d6207b6ce121865944202556a1ea3ed7eca31fdf0b6f91193c38e352ad165b9a767514535c59a18cf056cf0472cd995
SSDEEP

12288:3T0zBDiyKxxceujRPQFW0WuKDHI9yWAryOMIAxQ2UvO5v6xATr0xEQB:oRiyKL4jR4c0oYFOMrUvOZV0xP

Malware Config

Extracted

Family

raccoon

Botnet

403f7b121a3afd9e8d27f945140b8a92

http://2.58.56.247

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

59c9737264c0b3209d9193b8ded6c127

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

e2586fb50f7434bfb05d10accaefc49b

http://194.156.98.151

http://178.128.94.180

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

3ed895c4ff5dc5ec85caa2a9d1bed0f2

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

5f3e2ed386ddeccffbb4e34c56fc2efd

http://192.248.184.34/

http://140.82.52.55/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

e585741d6b0b8a4e8192f16d8039618c

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

493cd800ef7e79f58f8ff5358ddf39e3

http://85.202.169.112/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

b695af1820665d4dec830ca4a9dcca08

http://91.194.11.43/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

501a1e4179cf717ac47928b0babb659b

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

e659c40e6a0038a59a752ff4d0ceb719

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

251130064569c4e8c0c5b31929396cc7

http://142.132.180.233/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

fb389acc0c06486bd2eaf61e0a781e10

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

918c80e5f68acd2d6e7bb4b7d37a9190

http://185.225.19.198/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

3ae13dbd91e0fa85463715dc48979fb2

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

8dfaf19d5f208c09ef40073e938545f5

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

b9418e8977fce1050745c6371e5d9b89

http://51.195.166.184/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

0d78fe0763f83f0ac733762de262c556

http://142.132.225.253/

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

77975b9923aa5e257840086ae38f4f7c

http://31.13.195.44

Attributes

user_agent
record

rc4.plain

Extracted

Family

raccoon

Botnet

e2ae951b7762cdae39d49918c5b3283d

http://51.195.166.201/

Attributes

user_agent
record

rc4.plain

Targets

- Target
  
  Raccoon.Stealer.v2.sha.zip
- Size
  
  589KB
- MD5
  
  0831d0df9d7696f6aed73600539cdb3f
- SHA1
  
  a36cc1fde961edc0de12a70235517fcb9d8fe930
- SHA256
  
  2b574142c27e20f6fd8a1285772104c9e13774631d3173f2eb825dae4a6ffe65
- SHA512
  
  8618a315967c12116503a711030c6c3c1d6207b6ce121865944202556a1ea3ed7eca31fdf0b6f91193c38e352ad165b9a767514535c59a18cf056cf0472cd995
- SSDEEP
  
  12288:3T0zBDiyKxxceujRPQFW0WuKDHI9yWAryOMIAxQ2UvO5v6xATr0xEQB:oRiyKL4jR4c0oYFOMrUvOZV0xP
Score

10^/10

raccoon 0d78fe0763f83f0ac733762de262c556 251130064569c4e8c0c5b31929396cc7 3ae13dbd91e0fa85463715dc48979fb2 3ed895c4ff5dc5ec85caa2a9d1bed0f2 403f7b121a3afd9e8d27f945140b8a92 493cd800ef7e79f58f8ff5358ddf39e3 501a1e4179cf717ac47928b0babb659b 59c9737264c0b3209d9193b8ded6c127 5f3e2ed386ddeccffbb4e34c56fc2efd 77975b9923aa5e257840086ae38f4f7c 8dfaf19d5f208c09ef40073e938545f5 918c80e5f68acd2d6e7bb4b7d37a9190 b9418e8977fce1050745c6371e5d9b89 e2586fb50f7434bfb05d10accaefc49b e2ae951b7762cdae39d49918c5b3283d e585741d6b0b8a4e8192f16d8039618c e659c40e6a0038a59a752ff4d0ceb719 fb389acc0c06486bd2eaf61e0a781e10 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon family
  raccoon
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

403f7b121a3afd9e8d27f945140b8a9259c9737264c0b3209d9193b8ded6c127e2586fb50f7434bfb05d10accaefc49b3ed895c4ff5dc5ec85caa2a9d1bed0f25f3e2ed386ddeccffbb4e34c56fc2efde585741d6b0b8a4e8192f16d8039618c493cd800ef7e79f58f8ff5358ddf39e3b695af1820665d4dec830ca4a9dcca08501a1e4179cf717ac47928b0babb659be659c40e6a0038a59a752ff4d0ceb719251130064569c4e8c0c5b31929396cc7fb389acc0c06486bd2eaf61e0a781e10918c80e5f68acd2d6e7bb4b7d37a91903ae13dbd91e0fa85463715dc48979fb28dfaf19d5f208c09ef40073e938545f5b9418e8977fce1050745c6371e5d9b890d78fe0763f83f0ac733762de262c55677975b9923aa5e257840086ae38f4f7ce2ae951b7762cdae39d49918c5b3283draccoon

Score

10^/10

behavioral1

raccoon0d78fe0763f83f0ac733762de262c556251130064569c4e8c0c5b31929396cc73ae13dbd91e0fa85463715dc48979fb23ed895c4ff5dc5ec85caa2a9d1bed0f2403f7b121a3afd9e8d27f945140b8a92493cd800ef7e79f58f8ff5358ddf39e3501a1e4179cf717ac47928b0babb659b59c9737264c0b3209d9193b8ded6c1275f3e2ed386ddeccffbb4e34c56fc2efd77975b9923aa5e257840086ae38f4f7c8dfaf19d5f208c09ef40073e938545f5918c80e5f68acd2d6e7bb4b7d37a9190b9418e8977fce1050745c6371e5d9b89e2586fb50f7434bfb05d10accaefc49be2ae951b7762cdae39d49918c5b3283de585741d6b0b8a4e8192f16d8039618ce659c40e6a0038a59a752ff4d0ceb719fb389acc0c06486bd2eaf61e0a781e10discoverystealer

Score

10^/10

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Targets

Raccoon family

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1