General

  • Target: JaffaCakes118_9484a44f677fc8ebd6dbbb9480dc039f3e799ca9f2381c580e1e3914b2b919f7
  • Size: 730.0MB
  • Sample: 241229-d22qds1ndm
  • MD5: 06c4093950b292b57084643fdbef20d8
  • SHA1: e9cfc6ef108e0e6ab1f33060a92bf91debd03bce
  • SHA256: 9484a44f677fc8ebd6dbbb9480dc039f3e799ca9f2381c580e1e3914b2b919f7
  • SHA512: 9b2d8b257982fc745fa8b5e906844ab54a66daf66f03f6482cec3fa584657270fd285ab15b6c9df19e44c29e52c7939c4d50e4de5683e9da0f6e886ce3eb389d
  • SSDEEP: 196608:Dqkq7xWxHjSwvcWgSNXqAK/9CHeB5DiWSzvkICfH8HryeuqKI:dxDSJQolfnDiW66cHzh

Malware Config

Extracted

  • Family: raccoon
  • Botnet: f49765d62e02586d0fe162b5d3a934ad
  • C2:
      http://5.75.159.229/
      http://212.113.119.153/
      http://78.153.130.123/
      http://212.113.119.35/
  • Attributes
      • user_agent: B1D3N_RIM_MY_ASS
      • xor.plain

Targets

    • Raccoon: Raccoon is an infostealer written in C++ and first seen in 2019.
    • Raccoon Stealer V2 payload
    • Raccoon family

MITRE ATT&CK Enterprise v15

Tasks