Extracted

Extracted

• • Target

    a02.exe

  • Size

    6.0MB

  • MD5

    7aa1b586401a170e3326782cce367025

  • SHA1

    2ef37a3ecd522e5f954fca4eae4eb2c75bf155eb

  • SHA256

    249ef6343e3a6316852abefe7c73400b57ff7204a05ff46011a00847ba52053e

  • SHA512

    3e674e6c80f725ce6cb785089e9dd7e14961f6e32c6305b73baa945c7572b4857af2fb406df9f6c4632b1cb1ebb5ffdbf5173ee98d0c5678ddfc94f8d5f8cd60

  • SSDEEP

    98304:2pReUPZtlw98TK6xFlbX6ujDqb2lyMJA1VHByvPk2xGtrNZMHQr8dFh5dQ5:N4Nwz6rlKu6bYfJApYk2cJAQwd5C

  Score

  10^/10

  raccoonad37f95ba4ec1fb964492c1f20f7a9efstealervmprotect

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Raccoon Stealer payload

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • VMProtect packed file

    Detects executables packed with VMProtect commercial packer.

    vmprotect

  • Suspicious use of SetThreadContext

  behavioral1behavioral2