raccoon | e18d055fc0faaa16b5b860e1995f2cd701a89c1d7b3e2ed7c9efe5f96977e266 | Triage

Sharing

General

Target

wtf.scr
Size

676.4MB
Sample

250309-dsymdaxvbz
MD5

6f8b3f0fb8a6ef77e799b09bc97e9803
SHA1

2d8dde0b641755ff5641d5ed3a102182813b15f7
SHA256

e18d055fc0faaa16b5b860e1995f2cd701a89c1d7b3e2ed7c9efe5f96977e266
SHA512

e9ff548e483a41f6f2a49ea574a21075f3266b8e3c950e263ce2b64ce988cd9a603e41898f6b46987e338e693da7e890b13c2663eff097df8207f7bb3afdc210
SSDEEP

49152:OobxvbkfN8ObOQzhSSsOfADj58RFxDEF4B6iiw/G:hdvgN8yaDqRFxDbSr

Score

10^/10

raccoon 6be8e80ea1fc8b931c125b897943cb68 discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

6be8e80ea1fc8b931c125b897943cb68

C2

http://168.100.9.166

http://194.4.49.73

Attributes

user_agent
23591

xor.plain

Targets

- Target
  
  wtf.scr
- Size
  
  676.4MB
- MD5
  
  6f8b3f0fb8a6ef77e799b09bc97e9803
- SHA1
  
  2d8dde0b641755ff5641d5ed3a102182813b15f7
- SHA256
  
  e18d055fc0faaa16b5b860e1995f2cd701a89c1d7b3e2ed7c9efe5f96977e266
- SHA512
  
  e9ff548e483a41f6f2a49ea574a21075f3266b8e3c950e263ce2b64ce988cd9a603e41898f6b46987e338e693da7e890b13c2663eff097df8207f7bb3afdc210
- SSDEEP
  
  49152:OobxvbkfN8ObOQzhSSsOfADj58RFxDEF4B6iiw/G:hdvgN8yaDqRFxDbSr
Score

10^/10

raccoon 6be8e80ea1fc8b931c125b897943cb68 discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon6be8e80ea1fc8b931c125b897943cb68discoverystealer

behavioral2

raccoon6be8e80ea1fc8b931c125b897943cb68discoverystealer