Racoon Stealer
Tags
| country: | Russia Ukraine |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Password Managers - T1555.005 Phishing - T1660 Phishing - T1566 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 9dfb9d1c-a530-4630-b270-197f6421ad7c |
| Fingerprint | ae2c6bc8243bb791 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 22, 2023, 2:29 p.m. |
| Added to db | June 22, 2023, 4:30 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Racoon Stealer |
| Title | Racoon Stealer |
| Detected Hints/Tags/Attributes | 49/3/9 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
| Details | 171 | ✔ | Malware on Medium | https://medium.com/feed/tag/malware | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 9 | raccoon.ic3.gov |
|
| Details | File | 104 | sqlite3.dll |
|
| Details | File | 48 | applaunch.exe |
|
| Details | File | 1 | raccoon.exe |
|
| Details | File | 81 | werfault.exe |
|
| Details | File | 2 | %appdata%\bitwarden\data.json |
|
| Details | IPv4 | 1 | 149.143.167.99 |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/raccoon-stealer-malware-suspends-operations-due-to-war-in-ukraine |
|
| Details | Url | 1 | https://raccoon.ic3.gov/home |