General
-
Target
273a7c27d0083751a61455206d0a562e.exe
-
Size
527KB
-
Sample
210825-kr5n2z1l2a
-
MD5
273a7c27d0083751a61455206d0a562e
-
SHA1
3bd62ef7f001e8272753c460102de569e5ba7387
-
SHA256
583530c52abee0290a36a665b500bc6f601021ebde84d6011d8c4c40f138dd09
-
SHA512
44fb500cbcfd5a63e836406d74b3a8dc5ddf535025e689e2820719bab433d3fa3c26e528c900e045de61a3f5b1f5157392176568c067cbb2c8582f25be69b10a
Malware Config
Extracted
raccoon
fe582536ec580228180f270f7cb80a867860e010
-
url4cnc
https://telete.in/xylichanjk
Targets
-
-
Target
273a7c27d0083751a61455206d0a562e.exe
-
Size
527KB
-
MD5
273a7c27d0083751a61455206d0a562e
-
SHA1
3bd62ef7f001e8272753c460102de569e5ba7387
-
SHA256
583530c52abee0290a36a665b500bc6f601021ebde84d6011d8c4c40f138dd09
-
SHA512
44fb500cbcfd5a63e836406d74b3a8dc5ddf535025e689e2820719bab433d3fa3c26e528c900e045de61a3f5b1f5157392176568c067cbb2c8582f25be69b10a
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-