General

  • Target

    FILMORA 13 [LATEST].exe

  • Size

    841KB

  • Sample

    240301-3qavzafd46

  • MD5

    cd1906c7863d47729b0e67f618c416f8

  • SHA1

    b477551537909240af8cd5ab92c1b10668ae9b6b

  • SHA256

    8d552cc759fb010e6a6fffd0b9210e7c1ad608d74db3b212e68e16b7fb4c3cba

  • SHA512

    c3a4c18d10711b2ffd71a4ef6b1f9977c98c3e3e5d63d16977c1e7cd32b0c0f1c02a83ae69af6f12fe9e415afb8ad062a428d3a7a28b0d5650d35923549369e1

  • SSDEEP

    12288:MTmVRdJlYb5EQ8MzHRSwm9e9IjDxIMGy2o6+ceSrhLPRvwYu9GkZuVCUT47TALs5:MoPzybReDao6Pt1RYYMGwmCUT47sQ12y

Malware Config

Extracted

Family

raccoon

Botnet

ef424a2eb9bb1c91d8e21915b6fa4721

C2

http://82.146.45.177:80/

Attributes

  • user_agent

    MrBidenNeverKnow

xor.plain

Targets

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V2 payload

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks