Overview

overview

10

Static

static

10

138b17d8ac...44.exe

windows7-x64

10

138b17d8ac...44.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    138b17d8ac8f7a899f6efc896446e1794f20fb0396b774de37679b069c568f44

  • Size

    7.4MB

  • Sample

    250321-rj57ratrx4

  • MD5

    2333c566988bfa8a65f7e6cd079d7e8d

  • SHA1

    f7300a6bc5b4f33263f7c50cae9683833f37b9bb

  • SHA256

    138b17d8ac8f7a899f6efc896446e1794f20fb0396b774de37679b069c568f44

  • SHA512

    abcdc8c3855290b8672f30296f709f391552e3dde0bb87feec783322a6f4906b43bb0ee90cac88b16319093515999b3c1416e223990d52d4ef759d6616ee9b05

  • SSDEEP

    196608:tuJ+Rp7VEpq14hMyX1JW6+xzjbQr3HiKxMZ:tuJ+L7GpfnzWHxH8ryH

Score
10/10
raccoon325905ef368c0ef54a7193fe509f183ddiscoverystealer

Malware Config

Extracted

Family

raccoon

Botnet

325905ef368c0ef54a7193fe509f183d

C2

http://62.113.255.110/

http://188.215.229.203/
Attributes
  • user_agent

    record

rc4.plain
rc4.plain

Targets

    • Target

      138b17d8ac8f7a899f6efc896446e1794f20fb0396b774de37679b069c568f44

    • Size

      7.4MB

    • MD5

      2333c566988bfa8a65f7e6cd079d7e8d

    • SHA1

      f7300a6bc5b4f33263f7c50cae9683833f37b9bb

    • SHA256

      138b17d8ac8f7a899f6efc896446e1794f20fb0396b774de37679b069c568f44

    • SHA512

      abcdc8c3855290b8672f30296f709f391552e3dde0bb87feec783322a6f4906b43bb0ee90cac88b16319093515999b3c1416e223990d52d4ef759d6616ee9b05

    • SSDEEP

      196608:tuJ+Rp7VEpq14hMyX1JW6+xzjbQr3HiKxMZ:tuJ+L7GpfnzWHxH8ryH

    Score
    10/10
    raccoon325905ef368c0ef54a7193fe509f183ddiscoverystealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon family

      raccoon

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks