MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8092f7adff425c2972f2716e2d31fedb1057c692eb8f0d4ca65d1a97537932a7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



RaccoonStealer


Vendor detections: 4



SHA256 hash: 8092f7adff425c2972f2716e2d31fedb1057c692eb8f0d4ca65d1a97537932a7
SHA3-384 hash: 020d2b308466f4d43d1d362da5cbeb06a9f329dbe77d7a826c24b65714134af50ce30ff2980f515f54b70347284e8ca1
SHA1 hash: 745e660e0dec8cea29e28f8d90518314902a8771
MD5 hash: 0e0055059f9848269c730fdad3fb9431
humanhash: magnesium-oranges-early-sixteen
File name: SecuriteInfo.com.Win32.GenKryptik.ELVZ.879
Signature: RaccoonStealer
File size: 495'616 bytes
First seen: 2020-06-05 00:33:44 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: d2675b7857c74407e41e798e21be5962 (3 x RaccoonStealer, 1 x BuerLoader, 1 x DanaBot)
ssdeep: 12288:iuYbufKbVeUcUMfGzBlVq/g915CaHy2tw0xUd9c:iJ9eUcUnt3PtfKd9c
Threatray: 437 similar samples on MalwareBazaar
TLSH: A3B4020DE2F39021D05298706275FA63137AEC723677CD8F2254252E79707E19AA2FB7
Reporter: SecuriteInfoCom
Tags: RaccoonStealer

Intelligence


File Origin
# of uploads: 1
# of downloads: 70
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Genkryptik
Status: Malicious
First seen: 2020-06-05 00:34:05 UTC
AV detection: 11 of 31 (35.48%)
Threat level: 5/5

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour: Modifies system certificate store
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe 8092f7adff425c2972f2716e2d31fedb1057c692eb8f0d4ca65d1a97537932a7 (this sample)

Delivery method: Distributed via web download
