General

  • Target

    JaffaCakes118_7041e74e3266984a230a9532f6161139ca036a1f21089829aea11ecc99a54083

  • Size

    317KB

  • Sample

    241223-1rhabssmhw

  • MD5

    e701e1cc147e55ea4d25a4e1dc6ecc22

  • SHA1

    a2db2e6fcf75743fe2c921a44b49464e33647f51

  • SHA256

    7041e74e3266984a230a9532f6161139ca036a1f21089829aea11ecc99a54083

  • SHA512

    5dc9c10a2a8be791f262eb62f4fbded827614cd4ff93322f7447df49c77c2678ef97adc2689f3ad2126337724ce3faefb0eea87d0bf6f7f408a5f312a8176bb0

  • SSDEEP

    6144:OOng99RsJXPwxgTsqDyODlWJn+6vjbR+yCzBIBID7ontvj9ijmv1gBmuOJl0ne6V:jng99iwx4OnBvR12gI4B9ijKAm7Jl0eG

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes
  • user_agent

    mozzzzzzzzzzz

xor.plain

Targets

    • Target

      90437fd886f777ec39e392d13278bb86aa845f8d7e2883f5b71b6f082c54dafd

    • Size

      600KB

    • MD5

      c5e45151ac99d69d93d9e2cc0bef0e4c

    • SHA1

      1afdd18e36dea736744b495059fc7705f727e2bb

    • SHA256

      90437fd886f777ec39e392d13278bb86aa845f8d7e2883f5b71b6f082c54dafd

    • SHA512

      4922a86aaefd811dcfa8d910cbf258c1ea1977831897ec9bb580de484878cfbf1f5be870ef3f036b2e268eceb4d43b2168c493e0733929c117fe158d2c5caf0d

    • SSDEEP

      12288:MjiNWSEaZ/ygfMlruZ/ZPv3rS4O/Z3X6tF9PA7G:Mj2v1crE/h7SGF9PA7

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family
