MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a487b4e1e29512e1d0896e18b9683a996423a8b4efbb3e1a7b99045e5b7473da. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

RaccoonStealer

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	a487b4e1e29512e1d0896e18b9683a996423a8b4efbb3e1a7b99045e5b7473da
SHA3-384 hash:	ec3681c1c67082a499695f171c241444a56c9a0331e576acb6477d6f1b58847b34caa0d0febfc374c578e1f227e1e170
SHA1 hash:	89b54630a029eeee0c7f655ba94fb9a059ce66cf
MD5 hash:	1948edbaed64906de604142fb5eb8ba0
humanhash:	west-high-comet-emma
File name:	SKM_C258201001130020005057.IMG
Download:	download sample
Signature	RaccoonStealer Create hunting rule
File size:	1'245'184 bytes
First seen:	2021-09-29 06:58:43 UTC
Last seen:	Never
File type:	img
MIME type:	application/x-iso9660-image
ssdeep	1536:+CmImbfhgB6dCvz6r5pmwqf7Yh0Fy6XuWtN+70pKXQlf+3D:He5pmd7NVfN+70pKXQlfm
TLSH	T10F450A00B7855B53D63C7CBA02533A0413F39AE63E26D2273F5D65EAA346EC65F0D18A
Reporter	cocaman
Tags:	img RaccoonStealer

cocaman

Malicious email (T1566.001)
From: ""USPS" <usps@greenbergmerola.coml>" (likely spoofed)
Received: "from bizcloud-greenbergmerola.com (unknown [159.65.70.219]) "
Date: "Tue, 28 Sep 2021 17:23:24 +0000"
Subject: "Your Parcel Arrived"
Attachment: "SKM_C258201001130020005057.IMG"