General
-
Target
d461df33afa6427a00b3ebad7e16e525.exe
-
Size
515KB
-
Sample
210129-q88p8ptgw6
-
MD5
d461df33afa6427a00b3ebad7e16e525
-
SHA1
f1fd804f319b3f5d20b2ffc595df0db3420484d2
-
SHA256
00dcb8c96ee8972fe3bc64b0a6d972d11d56be467d52ed5f64eab0ad45fe0799
-
SHA512
c44ca2a16da6761dbe236722910ae5c4a5ec1e8edb0c6fd7c90c1cc8b86d4cdfd5776a8ec40e7489234ba4a4b0e7456eddbe32cb217efa3a40597486458be603
Malware Config
Targets
-
-
Target
d461df33afa6427a00b3ebad7e16e525.exe
-
Size
515KB
-
MD5
d461df33afa6427a00b3ebad7e16e525
-
SHA1
f1fd804f319b3f5d20b2ffc595df0db3420484d2
-
SHA256
00dcb8c96ee8972fe3bc64b0a6d972d11d56be467d52ed5f64eab0ad45fe0799
-
SHA512
c44ca2a16da6761dbe236722910ae5c4a5ec1e8edb0c6fd7c90c1cc8b86d4cdfd5776a8ec40e7489234ba4a4b0e7456eddbe32cb217efa3a40597486458be603
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-