raccoon | fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...96.exe

windows7-x64

JaffaCakes...96.exe

windows10-2004-x64

3

Sharing

General

Target

JaffaCakes118_fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296
Size

700.0MB
Sample

241230-cnrslavjct
MD5

f38d0053391ba2281f7483c4f14c0b58
SHA1

d793b55a9f3a1ace85465e2a7ceee44df337e4da
SHA256

fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296
SHA512

cfcb37ab14fce3a29c4a2dfa17982bce2dc42f87b3c0da2b72ebf85bea46f894337b5fe16dfdab017a19d028b73ae69709125b4fd8141e8642b5b9216a4f3dc6
SSDEEP

49152:VrXpRRs4Ws4XToj43MgVMHBZ6HpFe9SawpWryv1UAP31YbutJeHKoSlpfzDseKP7:oqs9ZxyhL78GYRsjVzsQxAOLV9FRKa4C

Score

10^/10

raccoon 825b2333b70509cdc4299da00c6d940e discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296.exe

Resource

win7-20240729-en

raccoon 825b2333b70509cdc4299da00c6d940e discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

825b2333b70509cdc4299da00c6d940e

C2

http://94.131.109.157/

http://45.153.230.92/

Attributes

user_agent
x

xor.plain

Targets

- Target
  
  JaffaCakes118_fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296
- Size
  
  700.0MB
- MD5
  
  f38d0053391ba2281f7483c4f14c0b58
- SHA1
  
  d793b55a9f3a1ace85465e2a7ceee44df337e4da
- SHA256
  
  fe1dbb3e8af7462232871fd159f3d633555f5313f8012db02e8abdcaffa1d296
- SHA512
  
  cfcb37ab14fce3a29c4a2dfa17982bce2dc42f87b3c0da2b72ebf85bea46f894337b5fe16dfdab017a19d028b73ae69709125b4fd8141e8642b5b9216a4f3dc6
- SSDEEP
  
  49152:VrXpRRs4Ws4XToj43MgVMHBZ6HpFe9SawpWryv1UAP31YbutJeHKoSlpfzDseKP7:oqs9ZxyhL78GYRsjVzsQxAOLV9FRKa4C
Score

10^/10

raccoon 825b2333b70509cdc4299da00c6d940e discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon825b2333b70509cdc4299da00c6d940ediscoverystealer

behavioral2

© 2018-2025

Terms | Privacy