General

  • Target

    JaffaCakes118_fccfe9679f8c02044863ca2dd8b8117e1fb62a6d2ef55022d19c089a87555309

  • Size

    727.0MB

  • Sample

    241223-vdthjsvqcm

  • MD5

    a07ffe611e932758c691e1b680767b94

  • SHA1

    e12ed57f13ea7e3e4ba03ebaf9dc355fe389804c

  • SHA256

    fccfe9679f8c02044863ca2dd8b8117e1fb62a6d2ef55022d19c089a87555309

  • SHA512

    11f58d8844be96b5f3681d314f79a29fb9c8cae7fc955bdc581a769c8597099e7eb05d81aab28fd5a5ce213de15bc2008d12196fe61477eab2e46dfcb6db00c4

  • SSDEEP

    196608:6z3XPGbI0jLWr2kfVxqfEFczf3SadH/Jrx4DWC0Gmy3:unaNLWPxqMFoxIk8

Malware Config

Extracted

Family

raccoon

Botnet

6f5fbdbb69fc43f1b949dbf3e2671bfa

C2

http://51.195.166.175/

Attributes
  • user_agent

    mozzzzzzzzzzz

  • rc4.plain

Targets

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V2 payload

    • Raccoon family

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks