Extracted

• • Target

    ff0f5c06e13d7f3038de3ba92aa5ac178368e5092763fd04b27867a323d1d274

  • Size

    213KB

  • MD5

    4985af8c670ddde8fa978c82e8e6ed3e

  • SHA1

    9e4b7558b5e69d2f0428b0728ceafd99afc95dcb

  • SHA256

    ff0f5c06e13d7f3038de3ba92aa5ac178368e5092763fd04b27867a323d1d274

  • SHA512

    6ae4a4f32b1b48eee22c56a2c5cc2e1b1b069531993929908961ba4d0ab087dca0089395d4bf0f33665dda094fbdef5b4eee7fc4fd16faa73e01f4d5890556a3

  • SSDEEP

    3072:cXpRHuHtLitAIpPw57XefTsjKtXo/me9+Ockt27t0Kg1Ok:YHuHtLoPeIgqe9+OFot0Ok

  Score

  10^/10

  raccoon63267bc2317b9849c2d512a4e16b0f3bdiscoveryspywarestealer

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1