Extracted

• • Target

    Setup.exe

  • Size

    366.5MB

  • MD5

    1a59909bd1196572c19064fc8cd0ce57

  • SHA1

    9df8d12b7405ae6205529b2a3fb70b11b84ddc4f

  • SHA256

    fb8bbcd3b86d796755451613963e53fe6beee3537b21d440adf0b32873731442

  • SHA512

    44a9182fc4b5ce841d81292a5d48333fd4099ed395f5f18738bf1bab4cd33a1f91d637d6fd0e6731df435a577745eb4b261d349a0bef77cbb850e8e0f5bc9850

  • SSDEEP

    98304:fqZxjp/7m4TzlME5XeUZfHCl8yeHI/OQCut0h4EPerFGkl+7oVNHZ5tpN+am/JBt:MRpDm4TRNOyCl8P1A38kloOrTUaSqO

  Score

  10^/10

  raccoon8eb14caca01131f5f4ff62ef8a0fcab4discoveryevasionstealertrojan

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Raccoon family

    raccoon

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    evasion

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Checks whether UAC is enabled

    evasiontrojan

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2