ExecuteMalware

2021-07-29 Raccoon Stealer IOCs

Jul 29th, 2021
THREAT IDENTIFICATION: RACCOON STEALER

SUBJECTS OBSERVED
Contact Submission

SENDERS OBSERVED
Mike <noreply@svipa.com>

EMAIL BODY
name: Mike
email: mike@wromet.com
message: Good morning, please pay the invoice. The invoice is
available at https://cutt.ly/invoice_37223_2021 Best regards, Mike

RACCOON STEALER PAYLOAD DOWNLOAD URLS
https://cutt.ly/invoice_37223_2021

https://ifirma.tw/pobierz/faktura-77_2021-3.pdf.exe

RACCOON STEALER PAYLOAD FILE HASHES
faktura-77_2021-3.pdf.exe
f7ba0f7a61b8b51a5e1823d5fd274d12

RACCOON STEALER C2
http://34.141.84.7//l/f/AwR78noBagrSXdgRI6mK/2b5e22c8234245ec15224617bcd1d3d2815032f7
http://34.141.84.7//l/f/AwR78noBagrSXdgRI6mK/d9f2d1eed65e7bf9f8f20e8047035ac98c2f99d4

SUPPORTING EVIDENCE
https://www.virustotal.com/gui/file/97230d986df3ea5ab1a95966a7cd14ff73744912d34edb7a72776b78440d9293/detection
https://app.any.run/tasks/a8167c48-857a-4a27-860f-d3569db25b25/