General

  • Target

    9f731be92a838f540a8e5dcc4e8ac6a8f5feeb45f639ab8c885a530b27d5295eN.exe

  • Size

    556KB

  • Sample

    250208-hgesca1lb1

  • MD5

    4ae89470a87af159c268f1c65a667470

  • SHA1

    2a452f277055950fb6f109ac1dfed75cf6865f9c

  • SHA256

    9f731be92a838f540a8e5dcc4e8ac6a8f5feeb45f639ab8c885a530b27d5295e

  • SHA512

    66b1fd9aae5395f749519762fcf13a451e32f6e5d550a7964f06d7cfbab756292ed2804fc74ad46fa6ed175c82b71685ec41bf9278df20e98ab53972859c9173

  • SSDEEP

    12288:afY1JPOOlNQLRxrcwe5Bq+EASvXLFlNLcr45bptSrWRAZXT:afKPOWQMBwjPNk4wXT

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

a5853b5c02e94f46d8c8309106de23b7332e83d5

Attributes
  • url4cnc

    https://telete.in/hsbogdan

  • rc4.plain

  • rc4.plain
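The url4cnc value is a dead-drop resolver: a Raccoon v1 sample does not hard-code its gateway but fetches the Telegram channel page and recovers the real C2 address from the channel description, using an RC4 key it carries (the rc4.plain attributes above; their values are not reproduced on this page). The Python below is an added example, not code from the sandbox report or from the malware. It performs that resolution offline against a constructed stand-in for the channel page. The HTML layout, the `[[` / `]]` markers, the key and the recovered URL are all constructed for the example, and the base64-wrapped RC4 framing is an assumption about how the blob is packaged, since the page itself does not show the page content the sample received.

```python
"""Decode a Raccoon-v1-style Telegram dead-drop page to a C2 gateway.

Added example (not from the report or the malware). RC4 is implemented
inline because the Python standard library does not ship it.
"""
import base64
import re
from typing import List

# Constructed RC4 key standing in for one of the report's rc4.plain values.
EXAMPLE_KEY = b"example-rc4-key"

# Constructed markers bracketing the encoded blob inside the description.
START_MARK, END_MARK = "[[", "]]"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Symmetric: one call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def encode_gateway(gateway: str, key: bytes) -> str:
    """Operator side: RC4-encrypt the gateway, then base64-encode it."""
    return base64.b64encode(rc4(key, gateway.encode())).decode()


def extract_description(html: str) -> str:
    """Pull the channel description text out of a Telegram-style page."""
    m = re.search(r'class="tgme_page_description"[^>]*>(.*?)</div>', html, re.S)
    if not m:
        raise ValueError("no channel description in page")
    return re.sub(r"<[^>]+>", "", m.group(1)).strip()


def resolve_gateways(html: str, keys: List[bytes]) -> List[str]:
    """Malware side: for every marked blob, base64-decode, RC4-decrypt with
    each candidate key and keep results that look like URLs. Trying several
    keys mirrors a sample that carries more than one rc4.plain value."""
    desc = extract_description(html)
    pattern = re.escape(START_MARK) + r"(.*?)" + re.escape(END_MARK)
    found = []
    for blob in re.findall(pattern, desc, re.S):
        try:
            raw = base64.b64decode(blob.strip(), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        for key in keys:
            try:
                text = rc4(key, raw).decode("ascii")
            except UnicodeDecodeError:
                continue
            if text.startswith(("http://", "https://")):
                found.append(text)
                break
    return found


# Constructed stand-in for the page served at the report's url4cnc address.
EXAMPLE_GATEWAY = "http://gateway.example.invalid/gate/log.php"
EXAMPLE_PAGE = (
    '<html><body><div class="tgme_page_title"><span dir="auto">channel</span></div>'
    '<div class="tgme_page_description" dir="auto">welcome '
    f"{START_MARK}{encode_gateway(EXAMPLE_GATEWAY, EXAMPLE_KEY)}{END_MARK}"
    "</div></body></html>"
)

if __name__ == "__main__":
    print(resolve_gateways(EXAMPLE_PAGE, [b"wrong-key", EXAMPLE_KEY]))
```

Because the page is the only thing an operator has to change to move the C2, blocking the gateway address alone is not enough; the Telegram URL itself is the stable indicator, and the RC4 keys let an analyst decode whatever the operator publishes later.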

Targets

    • Target

      9f731be92a838f540a8e5dcc4e8ac6a8f5feeb45f639ab8c885a530b27d5295eN.exe

    • Size

      556KB

    • MD5

      4ae89470a87af159c268f1c65a667470

    • SHA1

      2a452f277055950fb6f109ac1dfed75cf6865f9c

    • SHA256

      9f731be92a838f540a8e5dcc4e8ac6a8f5feeb45f639ab8c885a530b27d5295e

    • SHA512

      66b1fd9aae5395f749519762fcf13a451e32f6e5d550a7964f06d7cfbab756292ed2804fc74ad46fa6ed175c82b71685ec41bf9278df20e98ab53972859c9173

    • SSDEEP

      12288:afY1JPOOlNQLRxrcwe5Bq+EASvXLFlNLcr45bptSrWRAZXT:afKPOWQMBwjPNk4wXT

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Downloads MZ/PE file

    • Suspicious use of SetThreadContext
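"Suspicious use of SetThreadContext" is the sandbox's name for a call pattern, not for one API: a process is created suspended, its memory is overwritten from the parent, the suspended thread's context (entry point) is rewritten with SetThreadContext, and the thread is resumed. Together with "Downloads MZ/PE file" this is the shape of a loader hollowing a legitimate host process to run a second-stage PE. The Python below is an added example, not code from the sandbox or the report; it runs that sequence check over a constructed API-call trace. The JSON trace format is invented for the example, and it records the child's pid and tid directly where a real log would record handles.

```python
"""Flag the hollowing call chain behind a "Suspicious use of SetThreadContext"
verdict: CreateProcess(CREATE_SUSPENDED) -> [NtUnmapViewOfSection] ->
WriteProcessMemory -> SetThreadContext -> ResumeThread, all by one parent.

Added example; trace format and events are constructed.
"""
import json
from typing import Dict, List

CREATE_SUSPENDED = 0x00000004

# Constructed API-call trace, one JSON object per line, oldest first.
# pid 4120 hollows a suspended svchost.exe; pid 3300 starts a normal child;
# pid 7700 calls SetThreadContext on a thread it did not create suspended.
TRACE = r"""
{"pid": 4120, "api": "CreateProcessW", "args": {"lpApplicationName": "C:\\Windows\\System32\\svchost.exe", "dwCreationFlags": 4}, "ret": {"dwProcessId": 5016, "dwThreadId": 5020}}
{"pid": 4120, "api": "NtUnmapViewOfSection", "args": {"ProcessHandle": 5016}}
{"pid": 4120, "api": "VirtualAllocEx", "args": {"hProcess": 5016, "flProtect": 64}}
{"pid": 4120, "api": "WriteProcessMemory", "args": {"hProcess": 5016, "nSize": 229376}}
{"pid": 4120, "api": "SetThreadContext", "args": {"hThread": 5020}}
{"pid": 4120, "api": "ResumeThread", "args": {"hThread": 5020}}
{"pid": 3300, "api": "CreateProcessW", "args": {"lpApplicationName": "C:\\Windows\\notepad.exe", "dwCreationFlags": 0}, "ret": {"dwProcessId": 6100, "dwThreadId": 6104}}
{"pid": 7700, "api": "SetThreadContext", "args": {"hThread": 7704}}
"""

CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}


def detect_hollowing(trace: str) -> List[Dict]:
    """Return one finding per suspended child that the same parent wrote to,
    re-pointed with SetThreadContext and then resumed."""
    suspended: Dict[int, Dict] = {}    # child pid -> per-child state
    thread_to_pid: Dict[int, int] = {}  # primary tid -> child pid
    findings: List[Dict] = []
    for line in trace.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        api, args = ev["api"], ev.get("args", {})
        if api in CREATE_APIS:
            if args.get("dwCreationFlags", 0) & CREATE_SUSPENDED:
                ret = ev["ret"]
                suspended[ret["dwProcessId"]] = {
                    "parent": ev["pid"], "image": args.get("lpApplicationName"),
                    "unmapped": False, "written": False, "context_set": False,
                }
                thread_to_pid[ret["dwThreadId"]] = ret["dwProcessId"]
        elif api == "NtUnmapViewOfSection" and args.get("ProcessHandle") in suspended:
            suspended[args["ProcessHandle"]]["unmapped"] = True
        elif api == "WriteProcessMemory" and args.get("hProcess") in suspended:
            suspended[args["hProcess"]]["written"] = True
        elif api == "SetThreadContext":
            pid = thread_to_pid.get(args.get("hThread"))
            # Only count a context rewrite that follows a write into the child.
            if pid in suspended and suspended[pid]["written"]:
                suspended[pid]["context_set"] = True
        elif api == "ResumeThread":
            pid = thread_to_pid.get(args.get("hThread"))
            state = suspended.get(pid)
            if state and state["context_set"]:
                findings.append({"parent": state["parent"], "child": pid,
                                 "image": state["image"], "unmapped": state["unmapped"]})
    return findings


if __name__ == "__main__":
    for f in detect_hollowing(TRACE):
        print(f"pid {f['parent']} hollowed pid {f['child']} ({f['image']}), "
              f"unmapped={f['unmapped']}")
```

Requiring the whole chain from a single parent is what keeps the rule quiet: debuggers and some legitimate loaders call SetThreadContext too, but they do not first create a suspended child and overwrite its image. The lone SetThreadContext from pid 7700 in the trace is therefore left alone.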

MITRE ATT&CK Enterprise v15

Tasks