Extracted

Extracted

• • Target

    9f34d4f248f8f1ff7c8f683f5c97ee7d.exe

  • Size

    684KB

  • MD5

    9f34d4f248f8f1ff7c8f683f5c97ee7d

  • SHA1

    0a982af57e5be5dcc06a4d680072a9ae52dcfaae

  • SHA256

    9c2978d525c68cceb114ea784ca6a6975dfee9ea7f2ac6aaebeb209a915524cb

  • SHA512

    3c39107f7ab6fdf8c3b9b248a715cc8add69c0c8f0d0f802f0fc4ab86a09ff62f0aed79de867c64bbdb643cd4953669266cc78e56fbf0ec54e04d92acb2df451

  Score

  10^/10

  ransomwarediscoverystealerraccoonspyware

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

  • Raccoon log file

    Detects a log file produced by the Raccoon Stealer.

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spyware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • JavaScript code in executable

  • Suspicious use of SetThreadContext

  behavioral1behavioral2