raccoon | e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...bb.exe

windows7-x64

JaffaCakes...bb.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb
Size

733.9MB
Sample

241221-2ge8na1rhs
MD5

7dae60e514abe3895232e4c934b69609
SHA1

6b67c83ee59b0c592104bdf2430f0a89349b3778
SHA256

e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb
SHA512

14365a1b0e87b95283d9440b316bd85e130d3a993b532a2466978070107d43bc3158d469808856e604081843ab3a6c59085325d896a52c8fb75824f469416495
SSDEEP

393216:XfcbpiXlM32/7tWJaegznTZ3XIyzchG/ZbzBcg1cR0:XaYzznTOyu0rn

Score

10^/10

raccoon dde9ddc88e9a99207ce97b7915f1d490 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb.exe

Resource

win7-20240903-en

raccoon dde9ddc88e9a99207ce97b7915f1d490 discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb.exe

Resource

win10v2004-20241007-en

raccoon dde9ddc88e9a99207ce97b7915f1d490 discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

dde9ddc88e9a99207ce97b7915f1d490

C2

http://83.217.11.32/

http://83.217.11.31/

http://83.217.11.13

Attributes

user_agent
901785252112

xor.plain

Targets

- Target
  
  JaffaCakes118_e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb
- Size
  
  733.9MB
- MD5
  
  7dae60e514abe3895232e4c934b69609
- SHA1
  
  6b67c83ee59b0c592104bdf2430f0a89349b3778
- SHA256
  
  e78996af255ddf4f7febb24d3e4800d395a5d78111ed1d5d5ad4c2d1a8360bbb
- SHA512
  
  14365a1b0e87b95283d9440b316bd85e130d3a993b532a2466978070107d43bc3158d469808856e604081843ab3a6c59085325d896a52c8fb75824f469416495
- SSDEEP
  
  393216:XfcbpiXlM32/7tWJaegznTZ3XIyzchG/ZbzBcg1cR0:XaYzznTOyu0rn
Score

10^/10

raccoon dde9ddc88e9a99207ce97b7915f1d490 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoondde9ddc88e9a99207ce97b7915f1d490discoverystealer

behavioral2

raccoondde9ddc88e9a99207ce97b7915f1d490discoverystealer

© 2018-2024

Terms | Privacy