Extracted

Extracted

• • Target

    Payment_copyUSD_pdf.exe

  • Size

    443KB

  • MD5

    63318f287f84a300750a2236901f357e

  • SHA1

    bc98b692a27350b81694288783b17647739917d9

  • SHA256

    13b574bdacbd66335eb90d98e9be0e0bbd36373658a41c691d25b1d39c3621e4

  • SHA512

    f993591ddec78cd4da277e44333fcf5a8b24c13123c81bbc07d3240320262ed1d15839227c69b5a2af9e72dd848918a34d5735dd9fd11bc86c9a2ae833ab55ae

  Score

  10^/10

  ransomwarespywarediscoverystealerraccoon

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

  • Raccoon log file

    Detects a log file produced by the Raccoon Stealer.

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spyware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • JavaScript code in executable

  behavioral1behavioral2