raccoon | f4a06112230f815db98fab6246c0778c89c2d4c5f16f588a5b3e94cb38eab242 | Triage

Sharing

General

Target

JaffaCakes118_c99700c1e281c80a0062e4a2d7da27e5
Size

565KB
Sample

250109-q1cfbstkak
MD5

c99700c1e281c80a0062e4a2d7da27e5
SHA1

20c331ea3840a697debfff1185e65bb4c3ee451e
SHA256

f4a06112230f815db98fab6246c0778c89c2d4c5f16f588a5b3e94cb38eab242
SHA512

8ef2dd77ea2e9fae0db25b5d7d1d22f83c0c7c6064bc6fe420068f12d7847c7e5c212494d8ac7ca2f204767d430a563382ed27cd6f313547788d8bdf33a266a6
SSDEEP

12288:BzB2UjHsN8Bjc1vVmQxbFv3oVIhTfAKfo3Ro/iQXzX1I8oRD7BdbDbu:BzB2UjHsN8RMm6R3ou/fouHlbgnbDq

Score

10^/10

raccoon 66b829405bdeb7035def3ee2b501223ac982dabe discovery

Malware Config

Extracted

Family

raccoon

Version

1.8.2

Botnet

66b829405bdeb7035def3ee2b501223ac982dabe

Attributes

url4cnc
http://teletop.top/viopmanxpro

http://teleta.top/viopmanxpro

https://t.me/viopmanxpro

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_c99700c1e281c80a0062e4a2d7da27e5
- Size
  
  565KB
- MD5
  
  c99700c1e281c80a0062e4a2d7da27e5
- SHA1
  
  20c331ea3840a697debfff1185e65bb4c3ee451e
- SHA256
  
  f4a06112230f815db98fab6246c0778c89c2d4c5f16f588a5b3e94cb38eab242
- SHA512
  
  8ef2dd77ea2e9fae0db25b5d7d1d22f83c0c7c6064bc6fe420068f12d7847c7e5c212494d8ac7ca2f204767d430a563382ed27cd6f313547788d8bdf33a266a6
- SSDEEP
  
  12288:BzB2UjHsN8Bjc1vVmQxbFv3oVIhTfAKfo3Ro/iQXzX1I8oRD7BdbDbu:BzB2UjHsN8RMm6R3ou/fouHlbgnbDq
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

66b829405bdeb7035def3ee2b501223ac982daberaccoon

behavioral1

behavioral2