MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 61c47bc44d3877e815be609e98f97eb1b79ee1c9215646570d85cc40aa9c1317. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



RaccoonStealer


Vendor detections: 4



SHA256 hash: 61c47bc44d3877e815be609e98f97eb1b79ee1c9215646570d85cc40aa9c1317
SHA3-384 hash: 8de40381e2fb5cbbaabdc48e6cac013559a4abadf5afbad202e05fd0a2bdf6b92979a2c92fd813d5936db89e70674935
SHA1 hash: 9779fc80cb1e3aadf8dd1610d157f6792207d6ff
MD5 hash: e42e48df539eb3a3f4c0682b708eff52
humanhash: virginia-xray-island-early
File name: SecuriteInfo.com.BehavesLike.Win32.PUPXEU.hc.22127
Signature: RaccoonStealer
File size: 553'472 bytes
First seen: 2020-05-15 21:29:25 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: a0a9fa6380c1af60a24212d07a02c4a5 (2 x RaccoonStealer)
ssdeep: 12288:5jKRqzHJc1Tgz3O2dbATH0spfmDqT+f/9Xr+N:5msl8sz3LdbDtDA+Fr+
Threatray: 321 similar samples on MalwareBazaar
TLSH: B0C4D001E3E1BA35E2736A369E7D97A09E3EB912EC3862D933125E4F19703E0C556712
Reporter: SecuriteInfoCom
Tags: RaccoonStealer

Intelligence


File Origin
# of uploads: 1
# of downloads: 94
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Racealer
Status: Malicious
First seen: 2020-05-15 21:35:25 UTC
File Type: PE (Exe)
Extracted files: 70
AV detection: 27 of 31 (87.10%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour: Modifies system certificate store
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe 61c47bc44d3877e815be609e98f97eb1b79ee1c9215646570d85cc40aa9c1317 (this sample)

Delivery method: Distributed via web download
