MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0a70ac9f7342a3bf82c92ce04c0f810eaa62347a023a046e8aa19c51c876da60. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RaccoonStealer


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0a70ac9f7342a3bf82c92ce04c0f810eaa62347a023a046e8aa19c51c876da60
SHA3-384 hash: ff718326c8e987e074a5200e1ffe6c0f05fa1e2d9a674eacc668541f21a3ee1054d3325ac428b52bdc2732fdb7235982
SHA1 hash: b07137bb0fc621de7dce0a03baab04a92490d85b
MD5 hash: def558612d238e90e1d1a21dd996c3ad
humanhash: indigo-football-steak-twelve
File name:SecuriteInfo.com.BehavesLike.Win32.Generic.gc.27357
Download: download sample
Signature RaccoonStealer
Create hunting rule
File size:422'400 bytes
First seen:2020-05-30 04:50:01 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash bd29261738f794baed48a11d70e10019 (2 x RaccoonStealer)
ssdeep 12288:or+E1lrRbQcnRdeHPMwSkmUNMh6pjhrk:NEjRbznDiUrRUqhQj9k
Threatray 411 similar samples on MalwareBazaar
TLSH E29412C522B5485FE4429930BE31E2B559E8BC70AF3D8553F39C560E0E70BF19DA8792
Reporter SecuriteInfoCom
Tags:RaccoonStealer

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BehavesLike.Win32.Generic.gc.27357.UNOFFICIAL
Create hunting rule

PUA.Win.Downloader.Aiis-6803892-0
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Stopcrypt
Create hunting rule
Status:
Malicious
First seen:
2020-05-30 02:37:41 UTC
File Type:
PE (Exe)
Extracted files:
33
AV detection:
25 of 31 (80.65%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
041a38bb8033ba158dc7728a19844811f459500c800835b0e2609501253c9470
RaccoonStealer
51e65c80e7e567914ea0b0b43f01ac76901cfbd36a0aba1ac06cca5593f12b41
RaccoonStealer
5f3e83b3aa82ef8adbf82f9971372b78015470ca185e77a367fc8f1a4963ea64
RaccoonStealer
8092f7adff425c2972f2716e2d31fedb1057c692eb8f0d4ca65d1a97537932a7
RaccoonStealer
838e751256c2c80b0ea3299a6c9410033a4ae8eeb15fa5dc913a5e2d2b041c5a
RaccoonStealer
983d5da5a77bd35296ad8569ec9eeeb0b7984f9deadf4d7b65842275da53ca72
RaccoonStealer
a61d49a1253008d99edb3454be53014f5aca06bd41bd70b77ad2266a3579fcbe
RaccoonStealer
ae3ff9a6dba15d80bb39bfe3cac65cf0ffd3745b7cc5a3880465f727747a5804
RaccoonStealer
af0a3834638be40e679b27b8fe35a494906e3ef293e4ac5b16ceb1d198939d09
RaccoonStealer
f8bd31f514d66552ce6512c5d48ea422a990b6e0d0d4251ccd25370048718c48
RaccoonStealer
+ 401 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/201109-46qwh6kxq6/
Behaviour
Modifies system certificate store
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe 0a70ac9f7342a3bf82c92ce04c0f810eaa62347a023a046e8aa19c51c876da60

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/372242/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/372238/
  
URLhaus
https://urlhaus.abuse.ch/url/372103/
  
URLhaus
https://urlhaus.abuse.ch/url/365947/
  
URLhaus
https://urlhaus.abuse.ch/url/365304/
  
URLhaus
https://urlhaus.abuse.ch/url/364175/
  
URLhaus
https://urlhaus.abuse.ch/url/363091/
  
URLhaus
https://urlhaus.abuse.ch/url/372244/
  
URLhaus
https://urlhaus.abuse.ch/url/372239/
  
URLhaus
https://urlhaus.abuse.ch/url/372369/

Comments