General

  • Target

    04c19789a1716d3e4c4596d2369b040b0b56f3e925950dfbe75403fcfa0cf403

  • Size

    585KB

  • Sample

    241224-fk2p6s1qey

  • MD5

    6136478ca6237eb48dd53d67e63284ff

  • SHA1

    45c9935633d4000c61613639d567a5a1689ef42c

  • SHA256

    04c19789a1716d3e4c4596d2369b040b0b56f3e925950dfbe75403fcfa0cf403

  • SHA512

    52d5be544a0a2bc6f9f5dbad1b0a0754629ab0f6d1955a30dd16282e7b6e951e68c5bcff5f4bbc8e6025522f0f8f7c5ceac510f4124ea28706f06b336ba91e9a

  • SSDEEP

    12288:mjn73hDQYS0ZKSS9279jgpohT+xt3/oc28vaFkfoMX:iNUYS0MSSsR+xtvoc28AoF

Malware Config

Extracted

Family

raccoon

Version

1.8.5

Botnet

d115c43f4d2f6c8bf988876d36a853fc73a3025e

Attributes
  • url4cnc

    http://91.219.236.133/h_smurf1kman_1

    http://194.180.174.145/h_smurf1kman_1

    http://188.166.1.115/h_smurf1kman_1

    http://91.219.236.139/h_smurf1kman_1

    http://194.180.174.147/h_smurf1kman_1

    http://185.3.95.153/h_smurf1kman_1

    http://185.163.204.22/h_smurf1kman_1

    https://t.me/h_smurf1kman_1

rc4.plain
rc4.plain

Targets

    • Target

      04c19789a1716d3e4c4596d2369b040b0b56f3e925950dfbe75403fcfa0cf403

    • Size

      585KB

    • MD5

      6136478ca6237eb48dd53d67e63284ff

    • SHA1

      45c9935633d4000c61613639d567a5a1689ef42c

    • SHA256

      04c19789a1716d3e4c4596d2369b040b0b56f3e925950dfbe75403fcfa0cf403

    • SHA512

      52d5be544a0a2bc6f9f5dbad1b0a0754629ab0f6d1955a30dd16282e7b6e951e68c5bcff5f4bbc8e6025522f0f8f7c5ceac510f4124ea28706f06b336ba91e9a

    • SSDEEP

      12288:mjn73hDQYS0ZKSS9279jgpohT+xt3/oc28vaFkfoMX:iNUYS0MSSsR+xtvoc28AoF

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

MITRE ATT&CK Enterprise v15

Tasks