Extracted

• • Target

    file.exe

  • Size

    2.5MB

  • MD5

    98bb77be0218bae48ed9b2647aafa2f3

  • SHA1

    357f88867103b89cbc41293f60a2f7e7829af206

  • SHA256

    d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641

  • SHA512

    9e34f59683500fc2cb4f6c4831fdf2662707f87fa297659f5cafaa0e2ed5556793601dfc7fd195ef7d0ac5de1af268e226787c2bdbc2df5802b9b5231b20a2e9

  • SSDEEP

    24576:nzww4MA8/R3BL7o+w0Y1Yj002XLMw96KZd2B8Z0b5bpD62vI/H/313LrXC79lyOy:nZAAnL7o+awbFI/H/313nofl38

  Score

  10^/10

  raccoonce21570f8b07f4e68bfb7f44917635b1spywarestealer

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2