MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4911fa1954ae21c905977d4a341a7984948cad6c2fd3269871d328386a0f3344. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 4911fa1954ae21c905977d4a341a7984948cad6c2fd3269871d328386a0f3344
SHA3-384 hash: 7f3be9f3083311c29a2304004be2f0b0c33eaff88570b1d65c5426d95c78b06b79be2c3d28392fa1528119e860701142
SHA1 hash: 48b087b25dec9ed2574713d786e46c47bb156a3b
MD5 hash: ff47b14fae7af6baf17ccc151a0196c9
humanhash: oven-lamp-nine-nuts
File name:ff47b14fae7af6baf17ccc151a0196c9.exe
Download: download sample
Signature RaccoonStealer
File size:603'136 bytes
First seen:2020-06-30 13:32:51 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 568bff351ee7e99ef7cf7a9adda85cab
ssdeep 12288:XSje8ap9C8kVQ4fwCVueBju1Aq97h4DZtTczIF6Bofq+Z:v8arJOvVuqj4AeyzCi6iq+Z
TLSH A0D401163352C0B1D0216130A9A9DDB5226E7D72992435C327943F3FAEB26D15E3AF2F
Reporter @abuse_ch
Tags:exe RaccoonStealer


Mail intelligence No data
# of uploads 1
# of downloads 31
Origin country US US
CAPE Sandbox Detection:n/a
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Injuke
First seen:2020-06-30 13:34:08 UTC
AV detection:23 of 31 (74.19%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:redline
Tags:ransomware stealer family:raccoon infostealer family:redline evasion spyware trojan discovery
VirusTotal:Virustotal results 26.03%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 4911fa1954ae21c905977d4a341a7984948cad6c2fd3269871d328386a0f3344

(this sample)

Delivery method
Distributed via web download