General

  • Target

    JaffaCakes118_1c6778cfa412df77abb8b3a78786a42c786e7665ce3a17fdbf444fe8ea2d58ec

  • Size

    387KB

  • Sample

    241224-ry8w7azkev

  • MD5

    c96b6c770f2760d28e1422c00f79d3fa

  • SHA1

    34d81871daeb4e0eb515e84cab33c91a86dddaeb

  • SHA256

    1c6778cfa412df77abb8b3a78786a42c786e7665ce3a17fdbf444fe8ea2d58ec

  • SHA512

    7950840cb491993d48de46e8c08390c8bed92ebe5b41a274bc8aaff6ff3859a12013477d1aa803a3c3599d468b7d4a52a5d8632f77d55e2b0761823ed65707e9

  • SSDEEP

    6144:wtLPz6elO99um8zbfANS485BXN+ku/4tOgGtDAw4D+QD1xOtb+OkpVY4EhxU4pV1:wtLeelOXuDfANSXZA8GLQD1x2iEh/B

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes
  • user_agent

    mozzzzzzzzzzz

xor.plain

Targets

    • Target

      efd643ac7526627abf920842a3b2d6e9c4db4f1496dc924d879b45cf976b434a

    • Size

      743KB

    • MD5

      6167808c3befb6ea081d4cb2d1caf6f2

    • SHA1

      2564a82d969a6a9befa8fe81fd46c8a3abbd78fb

    • SHA256

      efd643ac7526627abf920842a3b2d6e9c4db4f1496dc924d879b45cf976b434a

    • SHA512

      fe173bb98a2bda1fd75630ca4dc7bfd7dbf9113d287324feb35d9fe27299deea4027847728e8bd46d71921d15e29d0fb869cc9134ec65f6bcafd77d3a15a1be4

    • SSDEEP

      12288:N/1tTk46QbqKYT7PCsj9wptoOgIBbh5MpUAvRfJc0dT+k9h23XBDjGPA7G:N9xn628P9j0WOgIJh5M9JcKKk99PA7

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon family
