raccoon | 4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...78.exe

windows7-x64

JaffaCakes...78.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378
Size

733.0MB
Sample

241229-3j7alazqfq
MD5

9626aa0997deeb8f37dc963cefa99966
SHA1

57577d29daf6c7c38955f3509faa3294b1e5e3dd
SHA256

4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378
SHA512

290d890daae88639b0b6bcdd2736da7dee7518bae7d9780428018040fea073a8e1e631bec4c29fa821e42376dd3ea7450d2eaba75c9da622168057ffb6affadb
SSDEEP

393216:Qhl33epLQlYb9lFsB2ONG95eb2gQ5UoBs2szwP2h:SflwFsB3NG98b2l3B4k+h

Score

10^/10

raccoon 42cf565e21ba7a688adcec7f3f8566f3 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378.exe

Resource

win7-20240903-en

raccoon 42cf565e21ba7a688adcec7f3f8566f3 discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378.exe

Resource

win10v2004-20241007-en

raccoon 42cf565e21ba7a688adcec7f3f8566f3 discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

42cf565e21ba7a688adcec7f3f8566f3

C2

http://94.142.138.108:80/

Attributes

user_agent
DuckTales

xor.plain

Targets

- Target
  
  JaffaCakes118_4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378
- Size
  
  733.0MB
- MD5
  
  9626aa0997deeb8f37dc963cefa99966
- SHA1
  
  57577d29daf6c7c38955f3509faa3294b1e5e3dd
- SHA256
  
  4b0e22d3cab131a181fc028fbd01fd5a6b8421bf1f3d8bed37d8e16fbdc12378
- SHA512
  
  290d890daae88639b0b6bcdd2736da7dee7518bae7d9780428018040fea073a8e1e631bec4c29fa821e42376dd3ea7450d2eaba75c9da622168057ffb6affadb
- SSDEEP
  
  393216:Qhl33epLQlYb9lFsB2ONG95eb2gQ5UoBs2szwP2h:SflwFsB3NG98b2l3B4k+h
Score

10^/10

raccoon 42cf565e21ba7a688adcec7f3f8566f3 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon42cf565e21ba7a688adcec7f3f8566f3discoverystealer

behavioral2

raccoon42cf565e21ba7a688adcec7f3f8566f3discoverystealer

© 2018-2025

Terms | Privacy