General

  • Target

    JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6

  • Size

    374.4MB

  • Sample

    241222-w1t82avnax

  • MD5

    d2aec64fb25809ca1e7ecee3bb7cb549

  • SHA1

    6c5cb79e520152149b4fd7d394a23a6acab8a7d4

  • SHA256

    6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6

  • SHA512

    032ba8a59d3f97a23c00ce20363b2b311ca63ec92822dda6b88009b2bd06f95f319ce1ba0af2f32435729abebcc9629dadce3f28927ac9db54656bd3a9cb9d9a

  • SSDEEP

    196608:+nL00WLSBnr3pv6RtMxp8S6LF/nrUOhyv+2:+LiGlZv67MeS6VrUHv+

Malware Config

Extracted

Family

raccoon

Botnet

e0291cfb9b0a2405e2fa81ca16127ca9

C2

http://45.142.215.91/

http://5.182.36.233/

Attributes
  • user_agent

    TakeMyPainBack

xor.plain

Targets

    • Target

      JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family
