Extracted

• • Target

    202a5631c6e19954c3d85a1bdb9dc14f8d6906e1bc640ee0f940adb7446e04b9

  • Size

    2.5MB

  • MD5

    868b8d102e5b76df02a76a6063fc963e

  • SHA1

    02902b2b1be8065c8b1361f8b1f7e3795470b634

  • SHA256

    202a5631c6e19954c3d85a1bdb9dc14f8d6906e1bc640ee0f940adb7446e04b9

  • SHA512

    9c86df899500dc8bfcc606d40e57017c8e987ed597a1a8286a59c1044027a8030a88b8734fe0383d55d310b7d2983343998f00bcd46501641186f1b7ffe4ed9c

  • SSDEEP

    24576:I09J5wsOjflMYKY0YSY0YuCfZMDYJYLdtZ8tZvEoKCDh/fj6LuYp2Fl3RuQ5531q:IeojWYKspaCDh/fj6Ql3Q

  Score

  10^/10

  raccoonce21570f8b07f4e68bfb7f44917635b1spywarestealer

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1