raccoon | af986df799e81706f1d1c387b3f6c2869325f0285550a9958bc8676a1bf299e1 | Triage

Sharing

General

Target

JaffaCakes118_af986df799e81706f1d1c387b3f6c2869325f0285550a9958bc8676a1bf299e1
Size

317KB
Sample

241229-hy3whawmck
MD5

cc71bd35074109d1e8d79693d0a1a52e
SHA1

b722acc49cc03942d1ca61b15c0cd9a13f5430ac
SHA256

af986df799e81706f1d1c387b3f6c2869325f0285550a9958bc8676a1bf299e1
SHA512

5c6187fd3d11de7938a7b6b41c3f26150e24d8bfa0440e4652a67f152985283cacfbd1ce50ccb007501a0083dfddcf3eef41b9d4f24781d66b3007ae7f0eca66
SSDEEP

6144:hOng99RsJXPwxgTsqDyODlWJn+6vjbR+yCzBIBID7ontvj9ijmv/NF85yDZ:ong99iwx4OnBvR12gI4B9ijK/DZ

Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

afb5c633c4650f69312baef49db9dfa4

C2

http://193.56.146.177

Attributes

user_agent
mozzzzzzzzzzz

xor.plain

Targets

- Target
  
  416ddf0f599a2dbbae66c18a3125ba8bd147e6ac798b2575ec8ef6725c25f8b7
- Size
  
  600KB
- MD5
  
  be1a2247e83b285385dcb7c3d486f004
- SHA1
  
  b9d8606e4db25cd681d4bae17e3965d65021d9db
- SHA256
  
  416ddf0f599a2dbbae66c18a3125ba8bd147e6ac798b2575ec8ef6725c25f8b7
- SHA512
  
  57148a97bdf6516dadf5ae564d1c2f1255ca4e071c264b352c0128ae258332fd3ab7f5404dbec6f029bac2df52c99140544969b7178abd7755736c94c367bd37
- SSDEEP
  
  12288:MjiNWSEaZ/ygfMlruZ/ZPv3rS4O/Z3X6tFVPA7G:Mj2v1crE/h7SGFVPA7
Score

10^/10

raccoon afb5c633c4650f69312baef49db9dfa4 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer

behavioral2

raccoonafb5c633c4650f69312baef49db9dfa4discoverystealer