Extracted

• • Target

    JaffaCakes118_5df15089eace1540d3ada79886edb1c49d195be54f01f32ffcb92ebd8bd51f86

  • Size

    700.0MB

  • MD5

    9fbc6b4b70255d98f962ec67644844fa

  • SHA1

    2b8dde017c5e5097cf556d9b0e94b42638f21d6d

  • SHA256

    5df15089eace1540d3ada79886edb1c49d195be54f01f32ffcb92ebd8bd51f86

  • SHA512

    b514672e9c7d598c3a75e7ed686482f7616e06b6cc2690ca00218ccc40ce3a5213cfcf5c8399487ac7bfb8873cdd543478d898ff3746265bfae6552ab0c13df6

  • SSDEEP

    12288:avenjofUfB0nWZQzjFeM6DJOjB9sTTHyJ9Bxh7qcDHysVIvonYASjG7bPFxLft:avmanYQb6VO926Iolt

  Score

  10^/10

  raccoon5340080a43ac99e1d6b4267eba4dd369discoverystealer

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Raccoon family

    raccoon

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2