Summary | ZeroBOX

img32.jpg

Raccoon Stealer Generic Malware UPX PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 5, 2021, 7:08 p.m. Aug. 5, 2021, 7:10 p.m.
Size 240.7KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7ce0b9ede7956ce43eed5605c01be944
SHA256 235bcc9dd72de0c5ee65fce42857fe4e341915bb53a731efbf5e986f9cdd4434
CRC32 C3704560
ssdeep 6144:8gDjEcHIBTYYkxm2WNVN4YkOHaoe338IE:8HIfBroVN2meXE
Yara
  • UPX_Zero - UPX packed file
  • Raccoon_Stealer_1_Zero - Raccoon Stealer
  • Generic_Malware_Zero - Generic Malware
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section {u'size_of_data': u'0x00037000', u'virtual_address': u'0x00001000', u'entropy': 7.621938453091673, u'name': u'.text', u'virtual_size': u'0x000365e0'} entropy 7.62193845309 description A section with a high entropy has been found
entropy 0.964912280702 description Overall entropy of this PE file is high
Bkav W32.AIDetect.malware2
Lionic Trojan.Win32.NetWiredRC.m!c
Elastic malicious (high confidence)
ClamAV Win.Malware.Generic-9881402-0
Malwarebytes Trojan.Injector
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Backdoor:Win32/NetWiredRC.db278d15
K7GW Trojan ( 0057ffa61 )
K7AntiVirus Trojan ( 0057ffa61 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Injector.EPVL
TrendMicro-HouseCall TROJ_GEN.R002H0CH421
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win32.NetWiredRC.lrt
Avast Win32:InjectorX-gen [Trj]
Tencent Win32.Backdoor.Netwiredrc.Ammi
McAfee-GW-Edition Artemis!Trojan
FireEye Generic.mg.7ce0b9ede7956ce4
Sophos Mal/Generic-S
APEX Malicious
Webroot W32.Injector.Gen
Microsoft Trojan:Win32/Sabsik.FL.B!ml
SentinelOne Static AI - Suspicious PE
McAfee Artemis!7CE0B9EDE795
Cylance Unsafe
Rising Trojan.Injector!1.C6AF (CLASSIC)
eGambit PE.Heur.InvalidSig
Fortinet W32/NetWiredRC.LRT!tr.bdr
MaxSecure Trojan.Malware.300983.susgen
AVG Win32:InjectorX-gen [Trj]
Cybereason malicious.c31372
Qihoo-360 Win32/Backdoor.NetWire.HxQBC38A