raccoon

General

Target

JaffaCakes118_adfb9e52d341ceb8c6f1bea96b23b80f1828b8f902e509b524c55c2b25d6aaf8
Size

730.1MB
Sample

241230-b8d7katpem
MD5

4c293c10a4a2014fd811c08dbb8e9d17
SHA1

f65cabfbfc454bbdda91ec4cd45495d442abdd36
SHA256

adfb9e52d341ceb8c6f1bea96b23b80f1828b8f902e509b524c55c2b25d6aaf8
SHA512

3ca5bc6f1b342154b248451f2b910e43f9b325579059c58968b17654490bc773bffedec18b0ff2114e896353de0b5cacc94a9afbe4cd592f38b669f594def1f8
SSDEEP

393216:/eh8bCTZIQ6UgKYAS91oxquhFuhPAUlmpqP:/88GTZIQ6qSCThcTlmp+

Score

10^/10

Malware Config

Extracted

Family

raccoon

Botnet

f49765d62e02586d0fe162b5d3a934ad

C2

http://78.153.130.123/

http://212.113.119.35/

http://212.113.119.48/

http://212.113.106.218/

Attributes

user_agent
B1D3N_RIM_MY_ASS

xor.plain

Targets

- Target
  
  JaffaCakes118_adfb9e52d341ceb8c6f1bea96b23b80f1828b8f902e509b524c55c2b25d6aaf8
- Size
  
  730.1MB
- MD5
  
  4c293c10a4a2014fd811c08dbb8e9d17
- SHA1
  
  f65cabfbfc454bbdda91ec4cd45495d442abdd36
- SHA256
  
  adfb9e52d341ceb8c6f1bea96b23b80f1828b8f902e509b524c55c2b25d6aaf8
- SHA512
  
  3ca5bc6f1b342154b248451f2b910e43f9b325579059c58968b17654490bc773bffedec18b0ff2114e896353de0b5cacc94a9afbe4cd592f38b669f594def1f8
- SSDEEP
  
  393216:/eh8bCTZIQ6UgKYAS91oxquhFuhPAUlmpqP:/88GTZIQ6qSCThcTlmp+
Score

10^/10

raccoon f49765d62e02586d0fe162b5d3a934ad discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Raccoon Stealer V2 payload

Raccoon family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2