Extracted

Extracted

Extracted

• • Target

    d95b0b49d1297b2575f3df70d569f294

  • Size

    968KB

  • MD5

    d95b0b49d1297b2575f3df70d569f294

  • SHA1

    8cce459259d4aa52e7ec0c740ba5a9e0583fc250

  • SHA256

    ba0a5fc793cec47c22ad73ab7f4ee2746d0c6f1818ae7bf4ad9187a4871ebc30

  • SHA512

    b7d753fcfc488415f706d5e525527716cd9c271e1d9a28204d75e914cd62e565c9389591d130fc1a8527a50112a5a88bbe2ed8554ebeabdfc3616ff91797a8dd

  • SSDEEP

    24576:waR0NC7TnVeuFVVo2f1sSu/3WxF0ZSFgazrw7bYOggrF0dz+QgAgp:waWNC7hLVVL1sX3WxKZKgW2hrKd7j6

  Score

  10^/10

  azorultoskiraccoon43aae292cfe6f58a13bd7111bdd7d5ded5b23ec3infostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Raccoon Stealer V1 payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2