Extracted

• • Target

    Full version 2.0.rar

  • Size

    33.4MB

  • MD5

    d27309da2d9955e35ed8857c4e1c3811

  • SHA1

    c401881293f9f490a015a6abe5fa241f3b24bfd9

  • SHA256

    2361f90ff27aa1f3eda6031ab6aa2860bae6bceab468d6ff222d0f1e8bd6c5ab

  • SHA512

    d77871306ff7226234e9dc83156730705e8c0f733fe3262ca0b762b81af7981fea1639e893feb88ae407967d57c1b850951b11bc94f3aaa20bf7670d5a61c709

  • SSDEEP

    786432:hVBJyDMIzgBxGFgVbn0cgzZ1qas1SH3mBL4cW9XP5voU6+h8C:h3JyAbBxsgFn0cgzZ1XHN9hDh8C

  Score

  10^/10

  raccoonf26f614d4c0bc2bcd6601785661fb5cfdiscoverypersistencestealer

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Executes dropped EXE

  • Loads dropped DLL

  • Registers COM server for autorun

    persistence

  • Adds Run key to start application

    persistence

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Drops Chrome extension

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1