raccoon | af2d5f7a12c50d50c079939b5e7ebd35814aa96462e0a0df7427667cad460a9a | Triage

Sharing

General

Target

JaffaCakes118_af2d5f7a12c50d50c079939b5e7ebd35814aa96462e0a0df7427667cad460a9a
Size

317KB
Sample

241226-xrebwsvrej
MD5

d16abad8db9a7efffc68c63650eb93fb
SHA1

b2a68fd08aecc6e67efb4cbbc6050d48437ee646
SHA256

af2d5f7a12c50d50c079939b5e7ebd35814aa96462e0a0df7427667cad460a9a
SHA512

173642fa7e39e30609b3da1f7699bc5519832db32b74ba6ed0139e72ee0022a30ed7221e3f551697aece6107d80e601fc0a34e7f82a63c4fd621f98315ea24ba
SSDEEP

6144:4Ong99RsJXPwxgTsqDyODlWJn+6vjbR+yCzBIBID7ontvj9ijmvOAubaDEMV:lng99iwx4OnBvR12gI4B9ijKWaD7

Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes

user_agent
mozzzzzzzzzzz

xor.plain

Targets

- Target
  
  0632bbfc04d454887afe90f1376ef41f9c1ff8f66a6699cacfa0d04a05cf257d
- Size
  
  600KB
- MD5
  
  8205838dad47284c2494d35892783e1e
- SHA1
  
  82de1b66952fa0554acdd1dcbb816f61929977e8
- SHA256
  
  0632bbfc04d454887afe90f1376ef41f9c1ff8f66a6699cacfa0d04a05cf257d
- SHA512
  
  21da1bc98bcaf2c08e82e78ca2509739c0f2a5a8da3bf3bad1874daf006101b9ad71fdabd8e493b51e95cb646a098c13c2b81c7c2212841d1df7e547888fca7d
- SSDEEP
  
  12288:MjiNWSEaZ/ygfMlruZ/ZPv3rS4O/Z3X6tF9PA7G:Mj2v1crE/h7SGF9PA7
Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer

behavioral2

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer