raccoon | 9d1131eb127a57898c7fe2a66e2fe0533b5c15ce295d999548b2289cfcedf906 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

e609ca20cb...4e.exe

windows7-x64

e609ca20cb...4e.exe

windows10-2004-x64

Sharing

General

Target

21212990704.zip
Size

14.0MB
Sample

250207-zatrcsxndk
MD5

de5088a61567ec2260ed9f64529eab08
SHA1

b649105dfb7e9b1294e205439a7e4bb77845d1fc
SHA256

9d1131eb127a57898c7fe2a66e2fe0533b5c15ce295d999548b2289cfcedf906
SHA512

602f66b197ed35c6902708a012eb39d2e45584f3bb214f7c97a3dcc3f18b06f51213d166836714204dee7fc3120cc9234616bd9fcc7b8cf2b81bf4ded1184e52
SSDEEP

196608:lBdJD5LlGvRNJWUKW8Vf5Fzqqb1VPPu7gk7ibe+6M7AoHBSLndum17leM27dbFIp:5JD5LlG5uUJ8hLz1zwUZA0cnblEnxZxm

Score

10^/10

raccoon 74792170e2ae861332d483b2cb2fedaf discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e609ca20cb8545f35487d65a164a40d3bcde12cf0928da55f21fd612d669df4e.exe

Resource

win7-20241010-en

raccoon 74792170e2ae861332d483b2cb2fedaf discovery stealer

windows7-x64

12 signatures

300 seconds

Behavioral task

behavioral2

Sample

e609ca20cb8545f35487d65a164a40d3bcde12cf0928da55f21fd612d669df4e.exe

Resource

win10v2004-20250207-en

raccoon 74792170e2ae861332d483b2cb2fedaf discovery stealer

windows10-2004-x64

8 signatures

300 seconds

Malware Config

Extracted

Family

raccoon

Botnet

74792170e2ae861332d483b2cb2fedaf

C2

http://37.220.87.93/

http://77.73.134.75/

http://83.217.11.38/

Attributes

user_agent
AYAYAYAY1337

xor.plain

Targets

- Target
  
  e609ca20cb8545f35487d65a164a40d3bcde12cf0928da55f21fd612d669df4e
- Size
  
  14.3MB
- MD5
  
  0ba11453f94df5f7f4e38c224c73fa49
- SHA1
  
  aa23a52cb2a93fa8ea7529374d4eb3cf32129e1a
- SHA256
  
  e609ca20cb8545f35487d65a164a40d3bcde12cf0928da55f21fd612d669df4e
- SHA512
  
  afb7670f5a227bbd38da0e569eca7cd73a8f5a225f4ee371f0661a34aa572646031a7a1f84bd5443a6b1369f0adaf650cb71cbc175708e47251ca9449151a010
- SSDEEP
  
  393216:/EMXNewWmfWWx/4LPAUGKHukegLNyCmyzJg:/E0N3fWWxiPoKHukegLNyC
Score

10^/10

raccoon 74792170e2ae861332d483b2cb2fedaf discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
- Downloads MZ/PE file
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon74792170e2ae861332d483b2cb2fedafdiscoverystealer

behavioral2

raccoon74792170e2ae861332d483b2cb2fedafdiscoverystealer

© 2018-2025

Terms | Privacy