MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e712a2411eda56792ddf7f45f19ed01e5a77ceaa5f08942b2e8cfd3d07cd7158. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: e712a2411eda56792ddf7f45f19ed01e5a77ceaa5f08942b2e8cfd3d07cd7158
SHA3-384 hash: 5298b39ea6928bdde7b38c79cda57214545c9bbb5c98bf026f825543c8645ad42bba9eefc523ec0ee5075c5a52b1e049
SHA1 hash: 83896c0ce5b0c37ebe9e5d0707ba3fbf28ae02ce
MD5 hash: 13a9cfd3cd6779bd123789409cfac0fc
humanhash: yellow-jersey-october-maine
File name: 13a9cfd3cd6779bd123789409cfac0fc.exe
Signature: RaccoonStealer
File size: 602'624 bytes
First seen: 2020-06-30 06:25:21 UTC
Last seen: 2020-06-30 07:01:16 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 568bff351ee7e99ef7cf7a9adda85cab
ssdeep: 12288:Pppr4cDxvURaqvRng+QR0npX/P+riSVGpO1RTpU0oSEf7pVKk/MBO3ZXtyJyIqJp:vrrDl/qvS+QanpX/HWk2B0OyIqJjl
TLSH: 6BD40141B383E07AF4772670B96CE6B1466E7C721B2504CBF7953A3FAE722D05A29311
Reporter: @abuse_ch
Tags: exe RaccoonStealer


Twitter
@abuse_ch
RaccoonStealer C2:
http://35.223.217.188/gate/log.php

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 32
Origin country: US
CAPE Sandbox
  Detection: n/a
  Link: https://www.capesandbox.com/analysis/16817/
ClamAV: PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/e712a2411eda56792ddf7f45f19ed01e5a77ceaa5f08942b2e8cfd3d07cd7158/
ReversingLabs
  Status: Malicious
  Threat name: Win32.Trojan.Kryptik
  First seen: 2020-06-30 06:27:04 UTC
  AV detection: 26 of 31 (83.87%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage
  Score: 10/10
  Malware Family: raccoon
  Link: https://tria.ge/reports/200630-tlz4pzxrdn/
  Tags: ransomware spyware stealer family:raccoon evasion trojan discovery
VirusTotal: Virustotal results 26.39%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe e712a2411eda56792ddf7f45f19ed01e5a77ceaa5f08942b2e8cfd3d07cd7158

(this sample)

  
Delivery method
Distributed via web download

Comments