raccoon | d18269f464da566a9f9493954d4e734cbb9c054d4a824c24d0558371c2a4ba08 | Triage

Sharing

General

Target

Setup.exe
Size

783.9MB
Sample

250310-q2j7kaxsat
MD5

4ed475f19b4426c6ff1f62352f36b88c
SHA1

eb71a69a265029dae0962167bbe67d693ab3164f
SHA256

d18269f464da566a9f9493954d4e734cbb9c054d4a824c24d0558371c2a4ba08
SHA512

84f61f726b116a3bd1e14e08220e6573950e64b0991ca17d9927ba53e6593dc84df4a8fd1b6eb9055bbf8e65934d82ae3b4ba5b368253a61086d84f69d4367cd
SSDEEP

98304:VXQWiHTHRI+z6qubXwTLlxiY06nyZf4Npi4HTJs7uZbrjaLwdNP42cqcqcqcqcq6:xQnTO+ztLTLziAYf4S4HFouZvjcwsB

Score

10^/10

raccoon ba5402edabeb7c302f4642770a58922b discovery stealer

Malware Config

Extracted

Family

raccoon

Botnet

ba5402edabeb7c302f4642770a58922b

C2

http://193.233.132.231:80

Attributes

user_agent
MrBidenNeverKnow

xor.plain

Targets

- Target
  
  Setup.exe
- Size
  
  783.9MB
- MD5
  
  4ed475f19b4426c6ff1f62352f36b88c
- SHA1
  
  eb71a69a265029dae0962167bbe67d693ab3164f
- SHA256
  
  d18269f464da566a9f9493954d4e734cbb9c054d4a824c24d0558371c2a4ba08
- SHA512
  
  84f61f726b116a3bd1e14e08220e6573950e64b0991ca17d9927ba53e6593dc84df4a8fd1b6eb9055bbf8e65934d82ae3b4ba5b368253a61086d84f69d4367cd
- SSDEEP
  
  98304:VXQWiHTHRI+z6qubXwTLlxiY06nyZf4Npi4HTJs7uZbrjaLwdNP42cqcqcqcqcq6:xQnTO+ztLTLziAYf4S4HFouZvjcwsB
Score

10^/10

raccoon ba5402edabeb7c302f4642770a58922b discovery stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V2 payload
- Raccoon family
  raccoon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoonba5402edabeb7c302f4642770a58922bdiscoverystealer

behavioral2

raccoonba5402edabeb7c302f4642770a58922bdiscoverystealer