Overview

overview

10

Static

static

3

JaffaCakes...f0.exe

windows7-x64

10

JaffaCakes...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_780f7c19cff595e9ab83f0fb6ffe6ddcaa74497926960138c3512c02bc1858f0

  • Size

    726.2MB

  • Sample

    241230-yk2paawkfn

  • MD5

    c944260b92040f232ab713cd88b13958

  • SHA1

    6c7afd9c0375d66cfa54d9af15645a2c210a06bd

  • SHA256

    780f7c19cff595e9ab83f0fb6ffe6ddcaa74497926960138c3512c02bc1858f0

  • SHA512

    4dec6184adc9ff717da1ff99808e56939502375af8aab69202f06222e11ba25c09721e4e231ad64b8af3b09f9be4eb1cc82e7b8bdca7f3199e44cd258823f961

  • SSDEEP

    98304:SjJ5dNgv+ZtsQVr6DEbrVUs0MWfehnw1oyiAJRrua5r2vJrGsL6B1yD2a1:gdnyDOrVUwaoyiMN7IEsL6rxa1

Score
10/10
raccoonee7547b54385ca0437fddefa2f747d6fdiscoverystealer

Malware Config

Extracted

Family

raccoon

Botnet

ee7547b54385ca0437fddefa2f747d6f

C2

http://95.217.124.179/

Attributes
  • user_agent

    mozzzzzzzzzzz

xor.plain

Targets

    • Target

      JaffaCakes118_780f7c19cff595e9ab83f0fb6ffe6ddcaa74497926960138c3512c02bc1858f0

    • Size

      726.2MB

    • MD5

      c944260b92040f232ab713cd88b13958

    • SHA1

      6c7afd9c0375d66cfa54d9af15645a2c210a06bd

    • SHA256

      780f7c19cff595e9ab83f0fb6ffe6ddcaa74497926960138c3512c02bc1858f0

    • SHA512

      4dec6184adc9ff717da1ff99808e56939502375af8aab69202f06222e11ba25c09721e4e231ad64b8af3b09f9be4eb1cc82e7b8bdca7f3199e44cd258823f961

    • SSDEEP

      98304:SjJ5dNgv+ZtsQVr6DEbrVUs0MWfehnw1oyiAJRrua5r2vJrGsL6B1yD2a1:gdnyDOrVUwaoyiMN7IEsL6rxa1

    Score
    10/10
    raccoonee7547b54385ca0437fddefa2f747d6fdiscoverystealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon family

      raccoon

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks