General

  • Target

    JaffaCakes118_00022172ef0418e281ff139ece401aa8ec0bb9c081e7ed9b02b0a88fab7283dd

  • Size

    469KB

  • Sample

    241230-wk4grssjhm

  • MD5

    13c1e8755001d048d675c3dc724e3bd0

  • SHA1

    d486aaf67204c16f75f12d991371f86d144ef331

  • SHA256

    00022172ef0418e281ff139ece401aa8ec0bb9c081e7ed9b02b0a88fab7283dd

  • SHA512

    5471d3b72b24f83f1a2ab9b424f52a33f1cefad62afa3c1fbd8403be72820185f9443301e00640c86055241898b7d10a8464b471b25e48f908aeb6bfe6b5c155

  • SSDEEP

    12288:Fh86+qxAC0ThEc+puN8fBydyzmLTkeO9jMcnQV:t+rC0TgDfBRmLTVClQV

Malware Config

Extracted

Family

raccoon

Botnet

ae0770d2b2cf22fd01acecdb15e942fe

C2

http://213.252.244.230/

Attributes
  • user_agent

    mozzzzzzzzzzz

  • xor.plain
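The extracted config above (C2 URL plus the hard-coded `user_agent` string) is enough to build network detection from. The following is an added example, not part of the sandbox report: it emits Suricata rules for the two indicators and runs an equivalent minimal matcher over HTTP requests that are constructed here for illustration (they are not captured traffic from this sample). The rule SIDs are arbitrary placeholders.

```python
"""Network detection content derived from the extracted Raccoon config.

Added example, not part of the sandbox report: it takes the C2 URL and
user_agent string exactly as listed above and (a) emits Suricata rules for
them, (b) runs a minimal equivalent matcher over constructed HTTP requests.
The request samples are constructed for illustration, not captured traffic.
"""
from urllib.parse import urlparse

# Values copied from the extracted config above.
C2_URL = "http://213.252.244.230/"
USER_AGENT = "mozzzzzzzzzzz"
C2_HOST = urlparse(C2_URL).hostname

# Constructed sample requests (CRLF-delimited, as on the wire).
SAMPLE_REQUESTS = {
    "beacon": (
        "POST / HTTP/1.1\r\n"
        "Host: 213.252.244.230\r\n"
        "User-Agent: mozzzzzzzzzzz\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        "Content-Length: 0\r\n\r\n"
    ),
    "benign": (
        "GET /index.html HTTP/1.1\r\n"
        "Host: example.com\r\n"
        "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)\r\n\r\n"
    ),
    "ua_only": (
        "GET /gate HTTP/1.1\r\n"
        "Host: example.net\r\n"
        "User-Agent: MOZZZZZZZZZZZ\r\n\r\n"
    ),
}


def suricata_rules(sid_base=9000001):
    """Return two Suricata 5+ rules: one on the hard-coded User-Agent, one on the C2 host.
    sid_base is a placeholder; pick SIDs from your own local range."""
    ua = (
        'alert http any any -> any any (msg:"Raccoon Stealer hard-coded User-Agent"; '
        'flow:established,to_server; http.user_agent; content:"%s"; nocase; '
        'classtype:trojan-activity; sid:%d; rev:1;)' % (USER_AGENT, sid_base)
    )
    host = (
        'alert http any any -> any any (msg:"Raccoon Stealer C2 host"; '
        'flow:established,to_server; http.host; content:"%s"; '
        'classtype:trojan-activity; sid:%d; rev:1;)' % (C2_HOST, sid_base + 1)
    )
    return [ua, host]


def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, target, {lower-cased header: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def classify(raw):
    """Mimic the two rules: case-insensitive substring UA match, exact host match."""
    _method, _target, headers = parse_request(raw)
    hits = []
    if USER_AGENT.lower() in headers.get("user-agent", "").lower():
        hits.append("raccoon_user_agent")
    if headers.get("host", "").split(":")[0] == C2_HOST:
        hits.append("raccoon_c2_host")
    return hits


if __name__ == "__main__":
    for rule in suricata_rules():
        print(rule)
    for name, raw in SAMPLE_REQUESTS.items():
        print(name, classify(raw))
```

The User-Agent rule is the more durable of the two: a C2 IP is cheap for the operator to rotate, whereas the misspelled `mozzzzzzzzzzz` string is compiled into the sample, so a request that carries it to any host (the `ua_only` case) is still worth alerting on.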

Targets

    • Target

      9ada8a99d4b6895df3ca72cad0dff7922d81733643a1bbc7dfd66fef45c0c085

    • Size

      1.1MB

    • MD5

      b2e2f33ace8a40398f0401aa402f73fa

    • SHA1

      710ce61cbd32bb16e1fa641222af1dd3c7d33638

    • SHA256

      9ada8a99d4b6895df3ca72cad0dff7922d81733643a1bbc7dfd66fef45c0c085

    • SHA512

      ceab580f42b86b5d607acbc146bb414601e7f229064d85cdf7506f777263c402dbcafbd8c4c3fee163c3a21514ea1f76f8492464e7181663446869660438bc50

    • SSDEEP

      12288:a6608DhOZnTYcpw0IvF/74RsxG/se9wfQhXlKlA/3NQzdaYS3RpYCS:bVP44mGQgKlARYShp3S

    • Raccoon

      Raccoon is a malware-as-a-service infostealer, written in C++ and first seen in 2019, that harvests browser credentials, cookies, cryptocurrency wallet files and system information and uploads them to its C2 over HTTP.

    • Raccoon family

    • Suspicious use of SetThreadContext (overwriting a thread's register context is a common step in process hollowing and thread hijacking, where a suspended process or thread is redirected into injected code)
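The "Suspicious use of SetThreadContext" signature fires on a behaviour pattern rather than a single call. The following is an added example of how a detector for that pattern can be written over a sandbox API trace; it is not the sandbox's own signature logic, and the trace it runs on is constructed for illustration (the report does not show this sample's actual call sequence). PIDs, thread IDs and the target image name are hypothetical.

```python
"""Detect the CREATE_SUSPENDED -> WriteProcessMemory -> SetThreadContext -> ResumeThread
pattern behind a "Suspicious use of SetThreadContext" style signature.

Added example, not the sandbox's own signature logic. The API trace below is
constructed for illustration; the report does not show this sample's actual
call sequence. PIDs, TIDs and the target image name are hypothetical.
"""
from dataclasses import dataclass, field

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess*


@dataclass
class ApiCall:
    pid: int                 # process making the call
    api: str                 # API name as a sandbox hook would record it
    args: dict = field(default_factory=dict)


# Constructed trace: pid 1000 hollows a suspended child (2000); pid 3000 sets a
# context on one of its own threads, as debuggers and exception handlers legitimately do.
TRACE = [
    ApiCall(1000, "CreateProcessW", {"image": r"C:\Windows\SysWOW64\svchost.exe",
                                     "flags": CREATE_SUSPENDED, "child_pid": 2000, "tid": 2001}),
    ApiCall(1000, "NtUnmapViewOfSection", {"target_pid": 2000}),
    ApiCall(1000, "WriteProcessMemory", {"target_pid": 2000, "size": 0x12000}),
    ApiCall(1000, "SetThreadContext", {"target_pid": 2000, "tid": 2001}),
    ApiCall(1000, "ResumeThread", {"target_pid": 2000, "tid": 2001}),
    ApiCall(3000, "SetThreadContext", {"target_pid": 3000, "tid": 3002}),
]

CREATE_APIS = ("CreateProcessA", "CreateProcessW", "CreateProcessInternalW")
WRITE_APIS = ("WriteProcessMemory", "NtWriteVirtualMemory")
CONTEXT_APIS = ("SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext")
RESUME_APIS = ("ResumeThread", "NtResumeThread")


def find_hollowing(trace):
    """Return [(parent_pid, child_pid)] for every child that its parent created suspended,
    wrote into, set a thread context on, and then resumed. Write and context may come in
    either order; a SetThreadContext on the caller's own process never counts."""
    tracked = {}   # child_pid -> {"parent": pid, "steps": set()}
    findings = []
    for call in trace:
        if call.api in CREATE_APIS and call.args.get("flags", 0) & CREATE_SUSPENDED:
            tracked[call.args["child_pid"]] = {"parent": call.pid, "steps": set()}
            continue
        child = call.args.get("target_pid")
        entry = tracked.get(child)
        if entry is None or entry["parent"] != call.pid or child == call.pid:
            continue   # not a cross-process action on a suspended child we are tracking
        steps = entry["steps"]
        if call.api in WRITE_APIS:
            steps.add("write")
        elif call.api in CONTEXT_APIS:
            steps.add("context")
        elif call.api in RESUME_APIS and {"write", "context"} <= steps:
            findings.append((call.pid, child))
            del tracked[child]   # report each hollowed child once
    return findings


if __name__ == "__main__":
    for parent, child in find_hollowing(TRACE):
        print("process hollowing: pid %d created pid %d suspended, wrote code, set context, resumed"
              % (parent, child))
```

Requiring all three cross-process steps on a child the caller itself created suspended keeps the detector from firing on legitimate in-process uses of SetThreadContext (pid 3000 above) while still catching the hollowing sequence regardless of which of the write or context-set calls comes first.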

MITRE ATT&CK Enterprise v15

Tasks