raccoon | efca489e47185ce7ca7dfe88efaccf98ff4704430da1436f296f005e11a628d8 | Triage

Submit
Reports

Overview

overview

Static

static

5

6e230b9cff...18.exe

windows11-21h2-x64

Resubmissions

Sharing

General

Target

6e230b9cff0edf73241c6937260ce5f1_JaffaCakes118
Size

2.0MB
Sample

240524-sydlqaba34
MD5

6e230b9cff0edf73241c6937260ce5f1
SHA1

24575f7c562b2e6d9c14919a1feb3cce2c4328f8
SHA256

efca489e47185ce7ca7dfe88efaccf98ff4704430da1436f296f005e11a628d8
SHA512

0eb73a779f207cf3f78244b6014e5febc4ed06652cf45eaaea6798e26fa057eb5dd4799833a7e244d08d717d6a591ca5f84b999004820a0735f5c528baa087c0
SSDEEP

24576:ku6Jx3O0c+JY5UZ+XC0kGso/WaaaiPOBSBYEXz88Om8Lz9jb+pWZI0oYZQuEWYvH:eI0c++OCvkGsUWay0LYvH

Score

10^/10

raccoon dc276e119d9a4d74f954a04ada4178a488e1daac stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6e230b9cff0edf73241c6937260ce5f1_JaffaCakes118.exe

Resource

win11-20240426-en

raccoon dc276e119d9a4d74f954a04ada4178a488e1daac stealer

windows11-21h2-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

dc276e119d9a4d74f954a04ada4178a488e1daac

Attributes

url4cnc
https://drive.google.com/uc?export=download&id=19hM-KLCQYseROyH-iWgBUyp7N46KgncH

rc4.plain

rc4.plain

Targets

- Target
  
  6e230b9cff0edf73241c6937260ce5f1_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  6e230b9cff0edf73241c6937260ce5f1
- SHA1
  
  24575f7c562b2e6d9c14919a1feb3cce2c4328f8
- SHA256
  
  efca489e47185ce7ca7dfe88efaccf98ff4704430da1436f296f005e11a628d8
- SHA512
  
  0eb73a779f207cf3f78244b6014e5febc4ed06652cf45eaaea6798e26fa057eb5dd4799833a7e244d08d717d6a591ca5f84b999004820a0735f5c528baa087c0
- SSDEEP
  
  24576:ku6Jx3O0c+JY5UZ+XC0kGso/WaaaiPOBSBYEXz88Om8Lz9jb+pWZI0oYZQuEWYvH:eI0c++OCvkGsUWay0LYvH
Score

10^/10

raccoon dc276e119d9a4d74f954a04ada4178a488e1daac stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer V1 payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

raccoondc276e119d9a4d74f954a04ada4178a488e1daacstealer

© 2018-2024

Terms | Privacy