Extracted

Extracted

Extracted

• • Target

    5cd5861ce0c007ee7d09a79df1a93424ee1f4c2ed503b140e60ac22f6e5ece54

  • Size

    1.4MB

  • MD5

    6ae1da8abe6ef9817a617acec71bab22

  • SHA1

    aa61bd2997030f1798399708fc07eca23887d0fc

  • SHA256

    5cd5861ce0c007ee7d09a79df1a93424ee1f4c2ed503b140e60ac22f6e5ece54

  • SHA512

    fe6c6328d990f67b28ae7478d025fcb1e5a6c5f2a974dece4b5ab70a7b7106f720118ed2257cf39419221b29c4b53e34099402bca73846a18050d64f03a2e355

  Score

  10^/10

  azorultoskiraccoon180d3985eb74eacf2de83c771fbf30a60f670ec0infostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

  • Raccoon Stealer Payload

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2