Raccoon: The Story of a Typical Infostealer
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Credentials - T1589.001 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 26c4e116-b3b3-499c-a459-466f8529bc5c
Fingerprint 9c25395807bfbf89
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 24, 2020, midnight
Added to db Jan. 18, 2023, 11 p.m.
Last updated Nov. 18, 2024, 12:28 p.m.
Headline Raccoon: The Story of a Typical Infostealer
Title Raccoon: The Story of a Typical Infostealer
Detected Hints/Tags/Attributes 67/2/15
Source URLs
Redirection Url
Details Source https://www.cyberark.com/resources/threat-research-blog/raccoon-the-story-of-a-typical-infostealer
Details Redirection https://www.cyberark.com/threat-research-blog/raccoon-the-story-of-a-typical-infostealer/
URL Provider
Details Provider Source level domain
Details cyberark.com www.cyberark.com
Attributes
Details Type #Events CTI Value
Details Domain 195 
drive.google.com
Details Domain 9 
log.zip
Details File 33 
log.php
Details File 104 
sqlite3.dll
Details File 71 
nss3.dll
Details File 96 
wallet.dat
Details File 9 
log.zip
Details md5 2 
26b948359b43d02743bd1fad775a15ca
Details sha1 2 
4ede41fe0ea963034a3d65f0dd442de4671c214f
Details sha256 2 
a57e1f3217b993476c594570095d28b6c287731a005325e5f64a332a86cb7878
Details IPv4 2 
35.189.105.242
Details IPv4 198 
1.1.1.1
Details Url 2 
https://drive.google.com/uc?export=download&id=1qqxaxaru8bu4kjz6ibssccyltmlftiov
Details Url 2 
http://35.189.105.242/gate/log.php
Details Url 2 
http://35.189.105.242/gate