General

  • Target

    JaffaCakes118_1ec2c7a0297bc7aeb47d6e69dda3972af9729c51a53bb7d336e1a496fe589d9b

  • Size

    7.5MB

  • Sample

    241221-x4llqsxlbz

  • MD5

    cce9d2d0da914a70c07753b89cb425cc

  • SHA1

    6e3c90afa2777057bc1dda799cd9de1594b7c8bc

  • SHA256

    1ec2c7a0297bc7aeb47d6e69dda3972af9729c51a53bb7d336e1a496fe589d9b

  • SHA512

    17cf45d7914ce8f31a12bfb79f81d4dd183bd185dfbb92ef0c3c63620e53ad2c6a1e368ac4115b7de0d39259eb40ac13016d4793d49cfab11599c37d7fab700e

  • SSDEEP

    196608:pp8Gwi59zHg8u7MMfiE747zsbD4QVYIFkV:z8G159EXPVYIFkV

Malware Config

Extracted

Family

raccoon

Botnet

68db7c3c7f7291d80cb1883abb54ceef

C2

http://45.150.67.85/

Attributes

  • user_agent

    TakeMyPainBack

xor.plain

Targets

    • Target

      Grit game/Grit.exe

    • Size

      740.8MB

    • MD5

      9f0bf6322632d1172c92b1c8b062b1ec

    • SHA1

      92e99aa50eb10a985d4ed942df34739e857abd23

    • SHA256

      66f628108dfac17b09627b561bb32f8139d07e8903e495f75011494e56699414

    • SHA512

      f08808074cce27c887f3f7acdd4f94af95765607757f4cbee010902b35e1ed5b7a4a6da979adb34a1c5df6033bc75210f3337ed994430304ffcfaacb63b34200

    • SSDEEP

      196608:sHGWakOHtMT0HAzUNdIsjxoSkGTTc7u9klHYf:M1ZcAzUNdtoSkCcC9v

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks