Yara detected Raccoon Stealer v2
Multi AV Scanner detection for submitted file
Antivirus / Scanner detection for submitted sample
Snort IDS alert for network traffic
Writes to foreign memory regions
Tries to steal Crypto Currency Wallets
Machine Learning detection for sample
Allocates memory in foreign processes
Injects a PE file into a foreign processes
DLL side loading technique detected
Contains functionality to inject code into remote processes
Tries to harvest and steal browser information (history, passwords, etc)
Uses 32bit PE files
Antivirus or Machine Learning detection for unpacked file
Contains functionality to check if a debugger is running (IsDebuggerPresent)
PE file contains sections with non-standard names
Detected potential crypto function
Contains functionality to query CPU information (cpuid)
Found potential string decryption / allocating functions
Contains functionality to dynamically determine API calls
Found dropped PE file which has not been started or loaded
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Downloads executable code via HTTP
Is looking for software installed on the system
PE file contains an invalid checksum
Drops PE files
Contains functionality to read the PEB
PE / OLE file has an invalid certificate
PE file contains more sections than normal
Creates a process in suspended mode (likely to inject code)