raccoon | f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...ac.exe

windows7-x64

JaffaCakes...ac.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac
Size

726.9MB
Sample

241225-xqpfgasrh1
MD5

fdf9b5dce0828c2efd4b6ee4371296ef
SHA1

898a377219c48869b287f2981b1bb9186c404ca6
SHA256

f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac
SHA512

3fceae996b6e8e6b7172adb1e40ccbc830b6627239a18779ce11bac08551645cd2bb59cae3d76978019b2ad36e5ce749bdf8c6382d4c2b6f657eabfd0692606c
SSDEEP

196608:2kdXQPYsoLmVClsGsb3pBMx01gLq5hA9A:2kQYFLuHb380ZhQA

Score

10^/10

raccoon 7cf68e7ed7eb90807fe60802b7b8e549 discovery stealer

Static task

static1

7cf68e7ed7eb90807fe60802b7b8e549 raccoon

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac.exe

Resource

win7-20241010-en

raccoon 7cf68e7ed7eb90807fe60802b7b8e549 discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac.exe

Resource

win10v2004-20241007-en

raccoon 7cf68e7ed7eb90807fe60802b7b8e549 discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

7cf68e7ed7eb90807fe60802b7b8e549

C2

http://45.11.19.40

Attributes

user_agent
20112211

xor.plain

Targets

- Target
  
  JaffaCakes118_f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac
- Size
  
  726.9MB
- MD5
  
  fdf9b5dce0828c2efd4b6ee4371296ef
- SHA1
  
  898a377219c48869b287f2981b1bb9186c404ca6
- SHA256
  
  f4ebb28bbd1f333fbfbb33453e59b5435342630ec402995ed578896bcec558ac
- SHA512
  
  3fceae996b6e8e6b7172adb1e40ccbc830b6627239a18779ce11bac08551645cd2bb59cae3d76978019b2ad36e5ce749bdf8c6382d4c2b6f657eabfd0692606c
- SSDEEP
  
  196608:2kdXQPYsoLmVClsGsb3pBMx01gLq5hA9A:2kQYFLuHb380ZhQA
Score

10^/10

raccoon 7cf68e7ed7eb90807fe60802b7b8e549 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

7cf68e7ed7eb90807fe60802b7b8e549raccoon

behavioral1

raccoon7cf68e7ed7eb90807fe60802b7b8e549discoverystealer

behavioral2

raccoon7cf68e7ed7eb90807fe60802b7b8e549discoverystealer

© 2018-2024

Terms | Privacy