MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dadd00262330390a9103ffd2dd3bac372a885a7d3cf6161d3eae10957a5bc37e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 3 Yara 2 Comments

SHA256 hash: dadd00262330390a9103ffd2dd3bac372a885a7d3cf6161d3eae10957a5bc37e
SHA3-384 hash: 8dd0f301e1aecb47de42a0e259f409ab117e8ab4ee46482f75d3c8fc138aefcdbc7076c92acb747f059c51ded6586a61
SHA1 hash: e6c7137c21ab9848fe3ac9d4d16a2e0e7ae69ed1
MD5 hash: 98d882cf61f9965223368be03aa58701
humanhash: alabama-seven-fillet-michigan
File name:98d882cf61f9965223368be03aa58701.exe
Download: download sample
Signature RaccoonStealer
File size:480'768 bytes
First seen:2020-06-30 12:35:06 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 2302c7d2bec8288d05bcff6e73d703af
ssdeep 6144:uQo5I99MEW7JxdAvqJrUujI0xOIiZo/rY3uUwfDKdV9NoxZ8kiykDjyAHwuZ3bki:h9MEW7Jx500x+cYeU4bZ8kixaxu1ksq
TLSH F5A4011277A1F072E0917970D838E2B15A2D7C31896468CF7B50FB3E7E726E0CA69716
Reporter @abuse_ch
Tags:exe RaccoonStealer


Twitter
@abuse_ch
RaccoonStealer C2:
http://35.223.217.188/gate/log.php

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 24
Origin country US US
CAPE Sandbox Detection:n/a
Link: https://www.capesandbox.com/analysis/17149/
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:raccoon
Link: https://mwdb.cert.pl/sample/dadd00262330390a9103ffd2dd3bac372a885a7d3cf6161d3eae10957a5bc37e/
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 12:37:04 UTC
AV detection:20 of 31 (64.52%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:raccoon
Link: https://tria.ge/reports/200630-w9j38rkdk2/
Tags:ransomware spyware discovery stealer family:raccoon
VirusTotal:Virustotal results 30.14%

Yara Signatures


Rule name:win_raccoon_a0
Author:Slavo Greminger, SWITCH-CERT
Rule name:win_raccoon_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:autogenerated rule brought to you by yara-signator

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RaccoonStealer

Executable exe dadd00262330390a9103ffd2dd3bac372a885a7d3cf6161d3eae10957a5bc37e

(this sample)

  
Delivery method
Distributed via web download

Comments