General

  • Target

    e0270356bde8bc3b16ba817d006958604d690f72b621db019be44faa6cdf4bde.exe

  • Size

    10.4MB

  • Sample

    230704-mr8wdsca24

  • MD5

    ff63e8f5b4f30a045c8b69219da4305d

  • SHA1

    38d1dbda1992ca36752b3a7c5633f57c111dfbfe

  • SHA256

    e0270356bde8bc3b16ba817d006958604d690f72b621db019be44faa6cdf4bde

  • SHA512

    c045d6e2bccc15b41bf3b0c90b7aa66265d2ce4c3870351ce87de265c1fb5a0370e3b85dbae230c7020573c3ce8330cb8c7642d0b897fd09f546b4308e5e32fe

  • SSDEEP

    196608:dNR0VMXHsF0wuqcqj4P8QYiqEvy1ru/ADM3Je4SKtl0cpRumKphRmdt5o9X:ycDwhcRPV/qLYoDUPDnumKph+o9X

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    b0f267902bbcc11cd154886fb8ee5da8

  • C2

    http://94.142.138.74:80/

  • xor.plain

Targets

    • Target

      e0270356bde8bc3b16ba817d006958604d690f72b621db019be44faa6cdf4bde.exe

    • Size

      10.4MB

    • MD5

      ff63e8f5b4f30a045c8b69219da4305d

    • SHA1

      38d1dbda1992ca36752b3a7c5633f57c111dfbfe

    • SHA256

      e0270356bde8bc3b16ba817d006958604d690f72b621db019be44faa6cdf4bde

    • SHA512

      c045d6e2bccc15b41bf3b0c90b7aa66265d2ce4c3870351ce87de265c1fb5a0370e3b85dbae230c7020573c3ce8330cb8c7642d0b897fd09f546b4308e5e32fe

    • SSDEEP

      196608:dNR0VMXHsF0wuqcqj4P8QYiqEvy1ru/ADM3Je4SKtl0cpRumKphRmdt5o9X:ycDwhcRPV/qLYoDUPDnumKph+o9X

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks