ioc[.]one - OSINT Cyber Threat Intelligence Database

Raccoon Stealer is Back with a New Version

Tags

country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Control Panel - T1218.002 Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	2bd05cc7-394a-4545-8ee8-eecacb9fa131
Fingerprint	b5ac7b5168179283
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 21, 2022, 9:23 a.m.
Added to db	Dec. 21, 2022, 4:49 p.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	Raccoon Stealer is Back with a New Version
Title	Raccoon Stealer is Back with a New Version
Detected Hints/Tags/Attributes	65/3/83

Source URLs

	Redirection	Url
Details	Source	https://medium.com/s2wblog/raccoon-stealer-is-back-with-a-new-version-5f436e04b20d
Details	Source	https://medium.com/s2wblog/raccoon-stealer-is-back-with-a-new-version-5f436e04b20d?source=rss-b408bb1e7c46------2

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	220	✔	Stories by S2W on Medium	https://s2w.medium.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	keystool.com
Details	Domain	53	blog.avast.com
Details	Domain	434	medium.com
Details	Domain	30	s2w.inc
Details	Domain	335	www.facebook.com
Details	Domain	1373	twitter.com
Details	File	25	4.exe
Details	File	31	cookies.txt
Details	File	1260	explorer.exe
Details	File	71	nss3.dll
Details	File	51	msvcp140.dll
Details	File	69	vcruntime140.dll
Details	File	51	mozglue.dll
Details	File	44	freebl3.dll
Details	File	41	softokn3.dll
Details	File	104	sqlite3.dll
Details	File	65	info.txt
Details	File	8	nssdbm3.dll
Details	File	4	scrnsht_screenshot.jpeg
Details	File	96	wallet.dat
Details	File	28	s2w.inc
Details	md5	1	05a000d526a6e95be2b08e650394fa40
Details	md5	1	403f7b121a3afd9e8d27f945140b8a92
Details	md5	1	1262c07cd3b0beaeb6f46b66fbfdf307
Details	sha1	1	b4cf85691dcc7c6e2d709b292056d404e7fb58f0
Details	sha256	3	40daa898f98206806ad3ff78f63409d509922e0c482684cf4f180faac8cac273
Details	sha256	1	6e5d7b8bc69145a2b65b4be1a2d66a8dbc579e54c09660c4070c5667192864bf
Details	sha256	1	ce29b09c57bdd0df33b7d45abe0047952fc009dbc1b5b43351aa6dad751ba262
Details	sha256	1	056a3022c5e70d112e82844d1101e1a591b02960ae0609f06e9930a3f3bd6efa
Details	sha256	1	6f4e7b117124a1b5a27dfd9a7a3e03b46e84000a992e1029f0cfb62bb77fc3f3
Details	sha256	1	6e7e69cd1c9b24f6a36870ec5ae6c31c69022fb48d3fdf59bcda5c1528bc9c04
Details	sha256	1	59d74f7e172a2ee14e5e43b9704ac95428b28741f1dbadbf5c9279dd37a11f86
Details	sha256	1	0fb5b0562e81ae2a89f61b25cca023adf7f370fe049508c96c6bcf898a63e4d7
Details	sha256	1	f051b93953919cbf673b16ba995a3c1aa58e59dcc256b9eaf1cdd2f6b3c7dfd2
Details	sha256	3	9d66a6a6823aea1b923f0c200dfecb1ae70839d955e11a3f85184b8e0b16c6f8
Details	sha256	1	084754ed1f495ee48a0bfe70b6b5c33ed17bfa129ad03356356ff3a5bf3c46f0
Details	sha256	1	f6d5c0f3f6c5cd498b605e06c6bf49a66c7cbbedf3480cb3a95229b4dc91e81d
Details	sha256	1	a988a4f3652eaa34b874080da1cbb70223bac6760e318064f4f23b69bf823330
Details	sha256	1	e2b87b9ea8bb2bf835cb064845ff863253f3eedb4a88122598eee52c9579b203
Details	sha256	1	03a8531989aeeec1befecbba4f3ee218309306224bd22b7e52104537e32bacd6
Details	sha256	1	0adc96946d9806969375212cfd5012f93cb205c1008b935f6886ba0ffe7fe262
Details	sha256	4	516c81438ac269de2b632fb1c59f4e36c3d714e0929a969ec971430d2d63ac4e
Details	sha256	1	a25fd13894644550fa9ca60a046813031e5189d4abe4bbd68ed9e6dcfc85d698
Details	sha256	1	20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161
Details	sha256	1	909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb
Details	sha256	1	99834c9981535b584040fef84af159e5e584927aac4a6a57001ba5ecf1e869c4
Details	sha256	1	494df1513b13c70b1472282b80bdf1a9399ae0d16a90275a5c9fe7cfda6afd0d
Details	sha256	1	9014f5d4a597cdec4ec2d10bf73883b4f0106f62c9938a8c6a59e506b1203e2b
Details	sha256	1	0bc3aa6b692b3873dfdd6942fb0eaba7aab391f1d154df80be1193aa792df0c2
Details	sha256	1	7503d528db92b909ad05d65379e6aae008dfaa3664bcac252d34d7a9f25b2db9
Details	sha256	1	f97835279804b62e667211706cce813179e2571634880770862a5f759fa17c11
Details	sha256	1	567bd8dd69485d8f79edad514e54c085af1490dcc5461a01ee79e57e138b9b10
Details	sha256	1	672fea64c92edc4d937d3132577b65813738bfddeab6a6b3ef35e6fa4b987009
Details	sha256	1	83fd32cace2c2f243a713f93918dafd5458af296d55edd293cf5b8b927466dc7
Details	sha256	1	7c09a54191495c699c04be9e0e2d97cf91d9c4346a37ad751416a2db52636de2
Details	sha256	1	b7104e1420fbcdd4a78b02069f32d4882d38203dcb5f73509b60cc1567dac437
Details	sha256	1	ab3d8c58a33fd90eca17dc079eb05469bbe535b16eb653810f134df888e230ce
Details	sha256	1	cddc1e15fcfcb29cfcb3631f1d478640d228fd9ea38c01d347833567970d04e3
Details	sha256	1	c6f111e1b32229232af8af25d714ef8f77e30bbc122c0600076bb42cbe46e22b
Details	sha256	1	61d8e542a34f41b5675daf924a6c21322f0a6aaad9a888b23357c85d29a8f87a
Details	sha256	1	6dfd4a12437cf38a4ecdb24891dbff464602fcbe435cf6c15a643637d7f4e1b0
Details	sha256	1	c7ee80a9387a941d13738ab069f8f055e14ea8bdb12403a81e0166b098fce032
Details	sha256	1	ae46253a19c9e846c405b3926655efead40d8f873fef008f896019f34d486dfe
Details	sha256	1	9e5035f075d6aef29ad158c591adf669324a17442c575c6946c5a7f279705f47
Details	sha256	1	6697604c88f0fbb05a6848915d1800eb9a77b607e834c6a01e2bf4a076955a91
Details	sha256	1	d2831378b440b653984e58ba82bd670f30eca0e4f23f14c248c50780883d32c3
Details	sha256	1	2c7563c76c710a3988c14b8246fd8864c37c08b723b0a24e0f4aa876cc5f73c8
Details	sha256	1	502f0a6587cf2d084e98f5edc12192e1ca37515bdf7364511415d615be2e6aa7
Details	IPv4	2	2.58.56.247
Details	Url	1	http://2.58.56.247
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/nss3.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/msvcp140.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/vcruntime140.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/mozglue.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/freebl3.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/softokn3.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/sqlite3.dll
Details	Url	1	http://2.58.56.247/an7jd0qo6kt5bk5bq4er8fe1xp7hl2vk/nssdbm3.dll
Details	Url	2	https://blog.avast.com/fakecrack-campaign
Details	Url	1	https://medium.com/s2wblog/deep-analysis-of-raccoon-stealer-5da8cbbc4949
Details	Url	27	https://s2w.inc
Details	Url	32	https://www.facebook.com/s2wlab
Details	Url	27	https://twitter.com/s2w_official