MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7b19881e169116c36a30db707e9cd7748e0fdb91cb37572689e75c469dc54b52. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 3 Yara 2 Comments

SHA256 hash: 7b19881e169116c36a30db707e9cd7748e0fdb91cb37572689e75c469dc54b52
SHA3-384 hash: c997bd3011e0c0ac90362ff4423ed835f57f2a506592efb5dad93e5315831d9cd0da0d0d2ba11636e5b02aa31c816d4d
SHA1 hash: 59477060d8ba5f6efe790a547e7d7781cdedb2cc
MD5 hash: 68de2dcd390425a652d2caee2ed399d9
humanhash: oranges-pizza-fish-double
File name:68de2dcd390425a652d2caee2ed399d9.exe
Download: download sample
Signature RaccoonStealer
File size:683'520 bytes
First seen:2020-06-30 06:37:53 UTC
Last seen:2020-06-30 07:45:41 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash e87e827b8c35620178f7117d8d5f4bfd
ssdeep 6144:FI3FCEPswFlW5SAHs1LU5WGhP5dnhvIcseuLHoXamfEjiNNvqQmgtkfAQTbtl78R:APswa5nHsm5BhPhvIwXXamfMtCVZWIB
TLSH 14E402117BE3C031C0DA66316A64C7B45969BCB25B25C24F33582B7FBE712F18A57722
Reporter @abuse_ch
Tags:exe RaccoonStealer


Twitter
@abuse_ch
RaccoonStealer C2:
http://35.223.217.188/gate/log.php

Intelligence


Mail intelligence No data
# of uploads 2
# of downloads 27
Origin country US US
CAPE Sandbox Detection:n/a
Link: https://www.capesandbox.com/analysis/16832/
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:raccoon
Link: https://mwdb.cert.pl/sample/7b19881e169116c36a30db707e9cd7748e0fdb91cb37572689e75c469dc54b52/
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 06:39:04 UTC
AV detection:27 of 31 (87.10%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:raccoon
Link: https://tria.ge/reports/200630-a9z2bsm4fa/
Tags:ransomware spyware discovery stealer family:raccoon
VirusTotal:Virustotal results 27.78%

Yara Signatures


Rule name:win_raccoon_a0
Author:Slavo Greminger, SWITCH-CERT
Rule name:win_raccoon_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe 7b19881e169116c36a30db707e9cd7748e0fdb91cb37572689e75c469dc54b52

(this sample)

  
Delivery method
Distributed via web download

Comments