Overview

overview

10

Static

static

1

HELLDIVERS_2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HELLDIVERS_2.exe

  • Size

    783.9MB

  • Sample

    240531-hn8zrsae6w

  • MD5

    bc8b924500b34d2eb4f05c69dc73df6f

  • SHA1

    3c606bcade0afd5b67cea7f63cd1a0f62eb4d6d7

  • SHA256

    79c58e4d9709150ab0c88323b93ee8588078401aa45ee446dc09ac1d717cca6b

  • SHA512

    2918e61a4e602845db91a3eaeba3685264c25045a0e3cb4fad67111a962f356ac9a087d9ee3d073778d60a5a35f15a606735bdabae6514b7898815c8ec2d659b

  • SSDEEP

    196608:TSghHWRqjrvcOwtn7ykVljE8yd+y9lU4R88pxk:TSqzyykV+z+yTUEfxk

Score
10/10
raccoonba5402edabeb7c302f4642770a58922bstealer

Malware Config

Extracted

Family

raccoon

Botnet

ba5402edabeb7c302f4642770a58922b

C2

http://193.233.132.231:80

Attributes
  • user_agent

    MrBidenNeverKnow

xor.plain

Targets

    • Target

      HELLDIVERS_2.exe

    • Size

      783.9MB

    • MD5

      bc8b924500b34d2eb4f05c69dc73df6f

    • SHA1

      3c606bcade0afd5b67cea7f63cd1a0f62eb4d6d7

    • SHA256

      79c58e4d9709150ab0c88323b93ee8588078401aa45ee446dc09ac1d717cca6b

    • SHA512

      2918e61a4e602845db91a3eaeba3685264c25045a0e3cb4fad67111a962f356ac9a087d9ee3d073778d60a5a35f15a606735bdabae6514b7898815c8ec2d659b

    • SSDEEP

      196608:TSghHWRqjrvcOwtn7ykVljE8yd+y9lU4R88pxk:TSqzyykV+z+yTUEfxk

    Score
    10/10
    raccoonba5402edabeb7c302f4642770a58922bstealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Raccoon Stealer V2 payload

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks