General

  • Target

    2024-07-08_c494c98067c5c1612c31b613f126f15b_megazord

  • Size

    2.3MB

  • Sample

    240708-ljcmjsvfne

  • MD5

    c494c98067c5c1612c31b613f126f15b

  • SHA1

    fb320552cb92ca99bf9296b05b43cad04b68c24a

  • SHA256

    5e2aa782129c57e486bc4662eecb7ccacf204f05b21c27387c6cec31d1ca205f

  • SHA512

    23e112fddeed7e63510925d00c233558f9f05d4ca98bf76491be9e7906ccf39283520715109a893f13c7812751c248799ab59b3f85622f2fecd147193bcf66f8

  • SSDEEP

    49152:/NRyhWAXn+KazPonIdN7+q1um3RkHUF11b0ryNM7:Lk+DMIZImaHU/

Malware Config

Extracted

Family

raccoon

Botnet

23b7de51bb42a569733f1e26dbce63ba

C2

http://95.169.205.186:80/

Attributes

  • user_agent

    MrBidenNeverKnow

  • xor.plain

Targets

    • Target

      2024-07-08_c494c98067c5c1612c31b613f126f15b_megazord

    • Size

      2.3MB

    • MD5

      c494c98067c5c1612c31b613f126f15b

    • SHA1

      fb320552cb92ca99bf9296b05b43cad04b68c24a

    • SHA256

      5e2aa782129c57e486bc4662eecb7ccacf204f05b21c27387c6cec31d1ca205f

    • SHA512

      23e112fddeed7e63510925d00c233558f9f05d4ca98bf76491be9e7906ccf39283520715109a893f13c7812751c248799ab59b3f85622f2fecd147193bcf66f8

    • SSDEEP

      49152:/NRyhWAXn+KazPonIdN7+q1um3RkHUF11b0ryNM7:Lk+DMIZImaHU/

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V2 payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks