MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 acab3fc36076df7b6ebddd8341fa6aba592c9be3c31946987fa1429ca8cdb452. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 3 Yara 2 Comments

SHA256 hash: acab3fc36076df7b6ebddd8341fa6aba592c9be3c31946987fa1429ca8cdb452
SHA3-384 hash: df5cdd6a9cc4aa0c9a52cb397b95e73294c3593d6f0e46fd32bf9d580bd1f47f7ee9513362dbb41f986b29578e0b29a5
SHA1 hash: df8752a196440a4f265a8bf69e6f4ee188fadab6
MD5 hash: 3a8b3d94217aa414e12e41331720f68d
humanhash: floor-undress-arkansas-march
File name:3a8b3d94217aa414e12e41331720f68d.exe
Download: download sample
Signature RaccoonStealer
File size:481'280 bytes
First seen:2020-06-30 06:37:13 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 568bff351ee7e99ef7cf7a9adda85cab
ssdeep 12288:t9GcatTpmvzyALSuWlT90ldFNbq5mAMG:YZpmvzyASuWN4qv9
TLSH 3FA4F10137A1EC32E0616570E978E5F426A83CF15A20A5C737A42B3F7EF2AD055EB715
Reporter @abuse_ch
Tags:exe RaccoonStealer


Twitter
@abuse_ch
RaccoonStealer C2:
http://35.223.217.188/gate/log.php

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 31
Origin country US US
CAPE Sandbox Detection:n/a
Link: https://www.capesandbox.com/analysis/16831/
ClamAV SecuriteInfo.com.Malware.PDB-11.UNOFFICIAL
PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:raccoon
Link: https://mwdb.cert.pl/sample/acab3fc36076df7b6ebddd8341fa6aba592c9be3c31946987fa1429ca8cdb452/
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 06:39:03 UTC
AV detection:26 of 31 (83.87%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:raccoon
Link: https://tria.ge/reports/200630-hhtp72bds6/
Tags:ransomware spyware discovery stealer family:raccoon evasion trojan
VirusTotal:Virustotal results 26.76%

Yara Signatures


Rule name:win_raccoon_a0
Author:Slavo Greminger, SWITCH-CERT
Rule name:win_raccoon_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe acab3fc36076df7b6ebddd8341fa6aba592c9be3c31946987fa1429ca8cdb452

(this sample)

  
Delivery method
Distributed via web download

Comments