Extracted

• • Target

    eed9f58f3d2334ac8297cfa62548cd9dbdb05f13d92fb86fa4ed77d1cd35889d

  • Size

    420KB

  • MD5

    687521154ae7af209176eb2d352b8676

  • SHA1

    73f3b54d73632569af61c1839050ab8a51df03da

  • SHA256

    eed9f58f3d2334ac8297cfa62548cd9dbdb05f13d92fb86fa4ed77d1cd35889d

  • SHA512

    33c2b8bdbe652ee06ff8e5308237a27c8b5ba248ce6c9141e325d6c39981e9c27b1c50ae42216589421a3bed4cd179cadc82b8e1bdb9e3422574b9d6c262ddb3

  Score

  10^/10

  raccoonf6d7183c9e82d2a9b81e6c0608450aa66cefb51fdiscoveryspywarestealer

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1