General

  • Target

    JaffaCakes118_3a8c60738c38ca5ea9ed5f4acf0ce57f9f654828c7c38a19415be9a148a6008f

  • Size

    394KB

  • Sample

    241224-qqahzsykgx

  • MD5

    2a0279812ebe49afb40d22881b52d902

  • SHA1

    499bbfeb745cc89416d3d418e525a899edbaff7a

  • SHA256

    3a8c60738c38ca5ea9ed5f4acf0ce57f9f654828c7c38a19415be9a148a6008f

  • SHA512

    25d625f6a3374c23d640f5f5b90bf534b6edeba64755ab3e6e3a2c1dc0d7481887893924d8796fc74e4f969dd432c5150f614c391679439aa85c3b8dd74f31af

  • SSDEEP

    6144:ceBDwAjEAG1GfI/V1q8UWgZzrhEK0ZjjWO1rcU3xm7b7HLoS2AC4CJKy0NmNw:Z/AR1GQxcXWjprP3xm7nJ2ACJJI

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes
  • user_agent

    mozzzzzzzzzzz

xor.plain

Targets

    • Target

      c81931f9425889fd9552532636ee97260aa3ab96366414e1c923f1ed59cdcde3

    • Size

      755KB

    • MD5

      efb3bb1315c6bed973131a143b8f9ade

    • SHA1

      884df087c4f38a7ffeca0c403870b418f91b489d

    • SHA256

      c81931f9425889fd9552532636ee97260aa3ab96366414e1c923f1ed59cdcde3

    • SHA512

      32f7abcf9cd2c9ebb53c6dec1e39975cd765f13323cdbdc32301e5f9ad6b617ec37fa94354c8364c656c96ba6aa1c672bdd0bcf926b9966fdd2b95f2b2de779b

    • SSDEEP

      12288:yeEi/ncDf0RRXvU8o03rT8J36hWIOfyec/N8h98G0yZ5+eSyAxdRdPA7F7W:civcAzFo0S3v6ZI5+3x5PA7

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family
