MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7e4edc8ffe28e350521029d003b74b2d77e74d4423c4ceb14fb4860341c8b95f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 7e4edc8ffe28e350521029d003b74b2d77e74d4423c4ceb14fb4860341c8b95f
SHA3-384 hash: d1d128ef03482ca498cb13f3bc83c364b6608f017f45e52bbb63935f11870ab72d7f5c5a6727fb17e891b7cdfe8c0731
SHA1 hash: 5396942eead1be7510ca4689c6c70111ab8ca7eb
MD5 hash: 0da5863efb6a991be6b2751f67dd481f
humanhash: apart-jersey-alabama-bakerloo
File name:0da5863efb6a991be6b2751f67dd481f.exe
Download: download sample
Signature RaccoonStealer
File size:602'624 bytes
First seen:2020-06-30 12:07:39 UTC
Last seen:2020-06-30 13:11:20 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 2302c7d2bec8288d05bcff6e73d703af
ssdeep 12288:XxdkGoGon+TuZzNd8fXIqSZ5ffLKXgsPqdxKX:rkv/GXIlLKXnPqd4X
TLSH 5ED4016333B1E076EC662530A625EAB11EFE6C71252410C377553B3EEE323D07A79299
Reporter @abuse_ch
Tags:exe RaccoonStealer


Mail intelligence No data
# of uploads 2
# of downloads 28
Origin country US US
CAPE Sandbox Detection:n/a
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 12:09:04 UTC
AV detection:25 of 31 (80.65%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:raccoon
Tags:ransomware evasion spyware trojan infostealer family:redline discovery stealer family:raccoon
VirusTotal:Virustotal results 27.40%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 7e4edc8ffe28e350521029d003b74b2d77e74d4423c4ceb14fb4860341c8b95f

(this sample)

Delivery method
Distributed via web download