raccoon | e4923ef723752a4bcb7082cb4b6df0c4330d6823e1e233f842c6d67aea275232 | Triage

Submit
Reports

Overview

overview

Static

static

5

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

Sharing

General

Target

Setup.exe
Size

1.4MB
Sample

241218-bt6m9sxrek
MD5

24444287765f88b5a8b63e1f66b074a4
SHA1

16aecb16cafce9d5ad85f0dd9ed94c3e0f2f40d3
SHA256

e4923ef723752a4bcb7082cb4b6df0c4330d6823e1e233f842c6d67aea275232
SHA512

fe65e94a68096fa51f4abc29d1245ffb2df02a158f06a84528688d59810a71dfeedf6b8c1eaff984b9a171c70a0605a59c947f28a5b14c309289ba10a14dd3cf
SSDEEP

24576:sAHnh+eWsN3skA4RV1Hom2KXMmHad/+lZUg83lTR08G4Dlda+T5:Lh+ZkldoPK8Yad/+z6HLLaK

Score

10^/10

raccoon a195dbd69ca528bed35b69aa07ed167e discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20240903-en

raccoon a195dbd69ca528bed35b69aa07ed167e discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20241007-en

raccoon a195dbd69ca528bed35b69aa07ed167e discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

a195dbd69ca528bed35b69aa07ed167e

C2

http://45.8.145.76/

Attributes

user_agent
23591

xor.plain

Targets

- Target
  
  Setup.exe
- Size
  
  1.4MB
- MD5
  
  24444287765f88b5a8b63e1f66b074a4
- SHA1
  
  16aecb16cafce9d5ad85f0dd9ed94c3e0f2f40d3
- SHA256
  
  e4923ef723752a4bcb7082cb4b6df0c4330d6823e1e233f842c6d67aea275232
- SHA512
  
  fe65e94a68096fa51f4abc29d1245ffb2df02a158f06a84528688d59810a71dfeedf6b8c1eaff984b9a171c70a0605a59c947f28a5b14c309289ba10a14dd3cf
- SSDEEP
  
  24576:sAHnh+eWsN3skA4RV1Hom2KXMmHad/+lZUg83lTR08G4Dlda+T5:Lh+ZkldoPK8Yad/+z6HLLaK
Score

10^/10

raccoon a195dbd69ca528bed35b69aa07ed167e discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoona195dbd69ca528bed35b69aa07ed167ediscoverystealer

behavioral2

raccoona195dbd69ca528bed35b69aa07ed167ediscoverystealer

© 2018-2024

Terms | Privacy