MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b47f74419de5db79da95d6d39d6e7e0da43a2bb2dc5770a0ee3715bcb2d76299. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: b47f74419de5db79da95d6d39d6e7e0da43a2bb2dc5770a0ee3715bcb2d76299
SHA3-384 hash: beed4ebc9751b0d69783acc3623bd9b5925384f841a17f31a0ad1bed073c4286a1d73fc9df759fcdefc594a5c6e77cb5
SHA1 hash: e920ca841d6c2ea3f7a5d15b7ac49e9e1d3442cd
MD5 hash: 08a433dcb4d318008eb98a700a267f43
humanhash: ceiling-skylark-helium-video
File name:08a433dcb4d318008eb98a700a267f43.exe
Download: download sample
Signature RaccoonStealer
File size:593'920 bytes
First seen:2020-06-30 05:23:51 UTC
Last seen:2020-06-30 05:48:04 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 69104843fd99359df270d11507bd145b
ssdeep 12288:yWuaoc9sircA+6KQIuOKkpfiUmE/Lx3bh2AlE85ZDGQ4bIiQi/1CKyg68DZB:fWKsSVIsAaUmEdVJB5cQxBideg6K
TLSH 4BC412017B42E033D5377434B911F57299AE79720A24748337992B3EAFB29D19E2EF06
Reporter @abuse_ch
Tags:exe RaccoonStealer

RaccoonStealer C2:


Mail intelligence No data
# of uploads 2
# of downloads 26
Origin country US US
CAPE Sandbox Detection:n/a
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-29 23:55:33 UTC
AV detection:25 of 31 (80.65%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:raccoon
Tags:ransomware spyware stealer family:raccoon evasion trojan discovery
VirusTotal:Virustotal results 27.78%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe b47f74419de5db79da95d6d39d6e7e0da43a2bb2dc5770a0ee3715bcb2d76299

(this sample)

Delivery method
Distributed via web download