raccoon | 42dfd9d241d39de6864a5154e938f7582b2e4f3d104efddce702a0afc5944e12 | Triage

Sharing

General

Target

JaffaCakes118_42dfd9d241d39de6864a5154e938f7582b2e4f3d104efddce702a0afc5944e12
Size

317KB
Sample

241222-kagpga1jfx
MD5

d4374bc1aeaa99fef3e40adcfc951d37
SHA1

02aa6ec451bed2e2616f80ea66bf8d9a481c241c
SHA256

42dfd9d241d39de6864a5154e938f7582b2e4f3d104efddce702a0afc5944e12
SHA512

95181af0375d1ddd8e318cd8cf781965e54679dbd7ffbcf071992aca6ab3fa9cf168f9771963afd6cc34195bb62cd457d7035e992402dee0a9726c86a6dfd392
SSDEEP

6144:UOng99RsJXPwxgTsqDyODlWJn+6vjbR+yCzBIBID7ontvj9ijmvxAubaDEM1:5ng99iwx4OnBvR12gI4B9ijKZaD/

Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes

user_agent
mozzzzzzzzzzz

xor.plain

Targets

- Target
  
  de6cc49f88b3473dfae562386d19d782a07d025251e2292a40831caa2c8f7a5d
- Size
  
  600KB
- MD5
  
  8a18ba233556b53bb6c9b15bf2016597
- SHA1
  
  5e6b91bb57b43db943bfbd74ac22a645e7006605
- SHA256
  
  de6cc49f88b3473dfae562386d19d782a07d025251e2292a40831caa2c8f7a5d
- SHA512
  
  b08ac06a05093aff4dec56ef5272ddc699de5fdcd58ef2f598f9c6f85b0a1aef2cd16c85aa8f9e2829e6bb396b4ffb74d251d11d7cbf38d32b0e34c278f4f8eb
- SSDEEP
  
  12288:MjiNWSEaZ/ygfMlruZ/ZPv3rS4O/Z3X6tFNPA7G:Mj2v1crE/h7SGFNPA7
Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer

behavioral2

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer