raccoon | d7d73e0ac2e7e5e8a03512419131bec2902f54fc5c10df472eb74f99757a8897 | Triage

Sharing

General

Target

JaffaCakes118_d7d73e0ac2e7e5e8a03512419131bec2902f54fc5c10df472eb74f99757a8897
Size

317KB
Sample

241229-cmxx8ayqct
MD5

ef6b163393afdad040a355f3a0912a3b
SHA1

aa3f416b88b2dc5c7d98daedf56defdfad8f8ecc
SHA256

d7d73e0ac2e7e5e8a03512419131bec2902f54fc5c10df472eb74f99757a8897
SHA512

24ca26d45ebe30c5fc30d142129df675bc299dec4b5839f26c940642a014628f71c2dc231156c6679065d16cb51be08922bf07de795883e6c38bde80bae8c659
SSDEEP

6144:lOng99RsJXPwxgTsqDyODlWJn+6vjbR+yCzBIBID7ontvj9ijmvP0fbp:0ng99iwx4OnBvR12gI4B9ijKol

Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes

user_agent
mozzzzzzzzzzz

xor.plain

Targets

- Target
  
  c87122e17c5f767b2d7dc18d4de1b9b79bb6b42e4e35a3b7e48f590ce3abe1e4
- Size
  
  600KB
- MD5
  
  187da6c3350991404531d474978d8768
- SHA1
  
  3f15f05c77969fc4ca10d5cafab7501c5b05f496
- SHA256
  
  c87122e17c5f767b2d7dc18d4de1b9b79bb6b42e4e35a3b7e48f590ce3abe1e4
- SHA512
  
  425f13df6735e8c1940d167ab1510d8b8cff60fadc61fc8d08a3bc6ab0acf13ee8b7d7297e60a8963f329265a08c7e1a90872aa475168cbc060964bf489c2d93
- SSDEEP
  
  12288:MjiNWSEaZ/ygfMlruZ/ZPv3rS4O/Z3X6tFhPA7G:Mj2v1crE/h7SGFhPA7
Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer

behavioral2

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer