Overview

overview

10

Static

static

c25206df37...fd.exe

windows7_x64

10

c25206df37...fd.exe

windows10_x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c25206df37bfc9fea81145e71cc739232c877edaf5e2587c3bda548d4850b9fd

  • Size

    1.1MB

  • Sample

    201113-yd3jyzg1w2

  • MD5

    f3288bdca1e2d71848e4122c8237dad5

  • SHA1

    9560fb0bad1338c45b21cf9a03d75f81152e3ad5

  • SHA256

    c25206df37bfc9fea81145e71cc739232c877edaf5e2587c3bda548d4850b9fd

  • SHA512

    b447f1424bbef537995ac8502fb50db8473423edc1f5830d745e7d8c8fb93674e00e79e6f2f5ab5b1550d9f8bf9a14616b2a09a4565219242d56bdd26a258ee7

Score
10/10
raccoonstealer

Malware Config

Targets

    • Target

      c25206df37bfc9fea81145e71cc739232c877edaf5e2587c3bda548d4850b9fd

    • Size

      1.1MB

    • MD5

      f3288bdca1e2d71848e4122c8237dad5

    • SHA1

      9560fb0bad1338c45b21cf9a03d75f81152e3ad5

    • SHA256

      c25206df37bfc9fea81145e71cc739232c877edaf5e2587c3bda548d4850b9fd

    • SHA512

      b447f1424bbef537995ac8502fb50db8473423edc1f5830d745e7d8c8fb93674e00e79e6f2f5ab5b1550d9f8bf9a14616b2a09a4565219242d56bdd26a258ee7

    Score
    10/10
    raccoonstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks