raccoon | a7a350da4a5263ee182de850ccd69662e6162b8e3fa42ed089a89be10cecbc05 | Triage

Submit
Reports

Overview

overview

Static

static

5

f814953dd1...18.exe

windows7-x64

f814953dd1...18.exe

windows10-2004-x64

Sharing

General

Target

f814953dd1903ce502be57b6bed587c0_JaffaCakes118
Size

543KB
Sample

241216-jzxxbaspcq
MD5

f814953dd1903ce502be57b6bed587c0
SHA1

a14364424796ac53fc3ff9c07c484910b8c8a068
SHA256

a7a350da4a5263ee182de850ccd69662e6162b8e3fa42ed089a89be10cecbc05
SHA512

954f3213bee3606399d5be9c54dce699bbda135544da9d0c6eb88ff42fb9069eb791712b7ffe8370288e675119a3353227b3458387f99120ee2a9b15e791dba6
SSDEEP

12288:gstMt1/5e+puY12F9aEsxcT07mRlLV708I7xNk2R/:rC/k+J2F3X7Rn708qk2R/

Score

10^/10

raccoon 5795f664a709e882ab1ab1029a85e1649f221474 discovery stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f814953dd1903ce502be57b6bed587c0_JaffaCakes118.exe

Resource

win7-20240729-en

raccoon 5795f664a709e882ab1ab1029a85e1649f221474 discovery stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

f814953dd1903ce502be57b6bed587c0_JaffaCakes118.exe

Resource

win10v2004-20241007-en

raccoon 5795f664a709e882ab1ab1029a85e1649f221474 discovery stealer upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Version

1.7.2

Botnet

5795f664a709e882ab1ab1029a85e1649f221474

Attributes

url4cnc
https://telete.in/jdiamond13

rc4.plain

rc4.plain

Targets

- Target
  
  f814953dd1903ce502be57b6bed587c0_JaffaCakes118
- Size
  
  543KB
- MD5
  
  f814953dd1903ce502be57b6bed587c0
- SHA1
  
  a14364424796ac53fc3ff9c07c484910b8c8a068
- SHA256
  
  a7a350da4a5263ee182de850ccd69662e6162b8e3fa42ed089a89be10cecbc05
- SHA512
  
  954f3213bee3606399d5be9c54dce699bbda135544da9d0c6eb88ff42fb9069eb791712b7ffe8370288e675119a3353227b3458387f99120ee2a9b15e791dba6
- SSDEEP
  
  12288:gstMt1/5e+puY12F9aEsxcT07mRlLV708I7xNk2R/:rC/k+J2F3X7Rn708qk2R/
Score

10^/10

raccoon 5795f664a709e882ab1ab1029a85e1649f221474 discovery stealer upx
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Raccoon family
  raccoon
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon5795f664a709e882ab1ab1029a85e1649f221474discoverystealerupx

behavioral2

raccoon5795f664a709e882ab1ab1029a85e1649f221474discoverystealerupx

© 2018-2024

Terms | Privacy