raccoon | e9b403eb952af5fac5daaa17eed88305e92e6533f8ae84c98844939947672502 | Triage

Sharing

General

Target

JaffaCakes118_e9b403eb952af5fac5daaa17eed88305e92e6533f8ae84c98844939947672502
Size

61KB
Sample

241229-1xpxcsxrbt
MD5

3cfd05053a371357bccd0ce42f2350fd
SHA1

513b8b8b015265d6a4522a6e62914d0998fbf532
SHA256

e9b403eb952af5fac5daaa17eed88305e92e6533f8ae84c98844939947672502
SHA512

e15af35b08f7260da3d0de3ff330aa3cb91a6dc33bd6a00fa54ef7a40685e557ae6f966929812d69d4815eaea71d24a446ae7b7438344c75fc64230e26f31222
SSDEEP

768:G3hBdh98zo8hUzAMgRt5O9hDtqCD+4yNdQiEw6ZjqZeS6R6UhSC:AdMzAzjavO9uG+NNdQ4MGQRtv

Score

10^/10

raccoon 9b19cf60d9bdf65b8a2495aa965456c3 discovery

Malware Config

Extracted

Family

raccoon

Botnet

9b19cf60d9bdf65b8a2495aa965456c3

C2

http://5.2.70.65/

Attributes

user_agent
TakeMyPainBack

xor.plain

Targets

- Target
  
  JaffaCakes118_e9b403eb952af5fac5daaa17eed88305e92e6533f8ae84c98844939947672502
- Size
  
  61KB
- MD5
  
  3cfd05053a371357bccd0ce42f2350fd
- SHA1
  
  513b8b8b015265d6a4522a6e62914d0998fbf532
- SHA256
  
  e9b403eb952af5fac5daaa17eed88305e92e6533f8ae84c98844939947672502
- SHA512
  
  e15af35b08f7260da3d0de3ff330aa3cb91a6dc33bd6a00fa54ef7a40685e557ae6f966929812d69d4815eaea71d24a446ae7b7438344c75fc64230e26f31222
- SSDEEP
  
  768:G3hBdh98zo8hUzAMgRt5O9hDtqCD+4yNdQiEw6ZjqZeS6R6UhSC:AdMzAzjavO9uG+NNdQ4MGQRtv
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

9b19cf60d9bdf65b8a2495aa965456c3raccoon

behavioral1

behavioral2