MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d4580d369c916d7b10d162f0569a80211f87591905a8a1514b660f10e77f3ec7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: d4580d369c916d7b10d162f0569a80211f87591905a8a1514b660f10e77f3ec7
SHA3-384 hash: 1495f9dc60c90e9e3a669b9ebbaad80423df64686ba605d78ab04b20d96f984919d975611609885c71798074e7a055b7
SHA1 hash: fc6776a54cfb15967aabea74c131c86c1e8f1fcd
MD5 hash: bead5dfd7b20f087a2439a4268416897
humanhash: paris-emma-maryland-georgia
File name: bead5dfd7b20f087a2439a4268416897.exe
Signature: RaccoonStealer
File size: 479'744 bytes
First seen: 2020-06-30 13:43:48 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f5d5443ed108c778ddd43c210205d9bd
ssdeep: 12288:+abjDMd0iB26mBvzCMo2jGAAenRP7onQq:BLMFBb0nRP7onQq
TLSH: 46A401823B6DF4F2D4426171A920E2B5497D6830D6255687BBB43B3EBF316E0533E70A
Reporter: @abuse_ch
Tags: exe RaccoonStealer

Mail intelligence: No data
# of uploads: 1
# of downloads: 35
Origin country: US
CAPE Sandbox Detection: n/a
CERT.PL MWDB Detection: raccoon
ReversingLabs Status: Malicious
Threat name: Win32.Trojan.Kryptik
First seen: 2020-06-30 12:41:47 UTC
AV detection: 28 of 48 (58.33%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: raccoon
Tags: ransomware evasion spyware trojan discovery stealer family:raccoon
VirusTotal results: 22.22%

Yara Signatures

Rule name: win_raccoon_a0
Author: Slavo Greminger, SWITCH-CERT
Rule name: win_raccoon_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: autogenerated rule brought to you by yara-signator

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Web download

Executable exe d4580d369c916d7b10d162f0569a80211f87591905a8a1514b660f10e77f3ec7 (this sample)
Distributed via web download