DigitalSide Threat Intel

RaavanMailer_v8.6.1.zip

First submission 2024-10-18 03:10:06

File details

File type: Zip archive data, at least v1.0 to extract
Mime type: application/zip
File size: 44393.5 KB (45458949 bytes)
MD5: 2735623abee47831bf2dcef30870a57e
SHA1: b0564e408a465698005b0acbfb7dab56fcb3e408
SHA256: 89faf4b3102e15956c7b5545ef800e1b1bfb1a1e878032950f5152c80064edca

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 0/77 VT report date: 2024-10-17 19:27:23

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://3.94.86.69/files/RaavanMailer_v8.6.1.zip VirusTotal Report 3.94.86.69 VirusTotal Report 2024-10-18 03:10:06

Strings analysis - File found

Executable
;q`.so
Temporary
.TMp
XML
Release/System.IO.FileSystem.AccessControl.xml
Release/System.Threading.Tasks.Extensions.xml
Release/System.Numerics.Vectors.xml
Release/NReco.ImageGenerator.xml
Release/System.Diagnostics.DiagnosticSource.xml
Release/Newtonsoft.Json.xml
Release/System.Security.Principal.Windows.xml
Release/System.ClientModel.xml
Release/Microsoft.Extensions.DependencyInjection.Abstractions.xml
Release/itext.bouncy-castle-connector.xml
Release/Microsoft.Extensions.Logging.Abstractions.xml
Release/System.ValueTuple.xml
Release/System.Text.Encodings.Web.xml
Release/System.Memory.xml
Release/System.Text.Encoding.CodePages.xml
Release/Azure.Identity.xml
Release/itext.styledxmlparser.xml
Release/Microsoft.Data.SqlClient.xml
Release/itext.layout.xml
Release/Azure.Core.xml
Release/itext.barcodes.xml
Release/itext.svg.xml
Release/itext.forms.xml
Release/Microsoft.IdentityModel.JsonWebTokens.xml
Release/Google.Apis.xml
Release/HtmlAgilityPack.xml
Release/AngleSharp.xml
Release/System.Runtime.CompilerServices.Unsafe.xml
Release/itext.io.xml
Release/Bunifu_UI_v1.5.3.xml
Release/itext.pdfua.xml
Release/System.Formats.Asn1.xml
Release/Microsoft.Extensions.Logging.xml
Release/itext.kernel.xml
Release/System.Buffers.xml
Release/itext.commons.xml
Release/itext.pdfa.xml
Release/Google.Apis.Auth.xml
Release/System.Memory.Data.xml
Release/Microsoft.Identity.Client.Extensions.Msal.xml
Release/Microsoft.Bcl.AsyncInterfaces.xml
Release/System.Security.Permissions.xml
Release/Microsoft.IdentityModel.Protocols.xml
Release/System.Security.Cryptography.ProtectedData.xml
Release/Microsoft.IdentityModel.Logging.xml
Release/Google.Apis.Gmail.v1.xml
Release/MailKit.xml
Release/MimeKit.xml
Release/itextsharp.xml
Release/Microsoft.Identity.Client.xml
Release/Microsoft.IdentityModel.Tokens.xml
Release/Microsoft.IdentityModel.Protocols.OpenIdConnect.xml
Release/Google.Apis.Core.xml
Release/System.IdentityModel.Tokens.Jwt.xml
Release/System.Security.AccessControl.xml
Release/itext.sign.xml
Release/Microsoft.Extensions.Primitives.xml
Release/NReco.PdfGenerator.xml
Release/BouncyCastle.Cryptography.xml
Release/System.CodeDom.xml
Release/Microsoft.Extensions.Options.xml
Release/Microsoft.Extensions.DependencyInjection.xml
Release/Microsoft.IdentityModel.Abstractions.xml
Release/Microsoft.Bcl.TimeProvider.xml
Release/System.Text.Json.xml
Release/System.Configuration.ConfigurationManager.xml
Database
%.dB
Es1.db
Library
Release/itext.svg.dll
Release/Microsoft.Extensions.Options.dll
Release/MimeKit.dll
Release/System.Security.Permissions.dll
Release/System.Text.Encodings.Web.dll
Release/System.Text.Json.dll
Release/de-DE/Faker.Net.4.7.resources.dll
Release/Microsoft.Data.SqlClient.SNI.arm64.dll
Release/Microsoft.IdentityModel.Logging.dll
Release/System.IO.FileSystem.AccessControl.dll
Release/itext.pdfua.dll
Release/fr/Microsoft.Data.SqlClient.resources.dll
Release/Microsoft.Extensions.DependencyInjection.dll
Release/Azure.Core.dll
Release/Bunifu.Core.dll
Release/ru/Microsoft.Data.SqlClient.resources.dll
Release/System.Memory.Data.dll
Release/itext.layout.dll
Release/es/Microsoft.Data.SqlClient.resources.dll
Release/pt-BR/Microsoft.Data.SqlClient.resources.dll
Release/RandomNameGeneratorLibrary.dll
Release/zh-Hans/Microsoft.Data.SqlClient.resources.dll
Release/itext.styledxmlparser.dll
Release/Azure.Identity.dll
Release/Microsoft.Extensions.Primitives.dll
Release/Microsoft.IdentityModel.Abstractions.dll
Release/Microsoft.Bcl.TimeProvider.dll
Release/Microsoft.Data.SqlClient.dll
Release/BouncyCastle.Crypto.dll
Release/Bunifu_UI_v1.5.3.dll
Release/Google.Apis.dll
Release/System.Formats.Asn1.dll
Release/System.Diagnostics.DiagnosticSource.dll
Release/Microsoft.Identity.Client.dll
Release/Microsoft.IdentityModel.Tokens.dll
Release/System.Buffers.dll
Release/System.Threading.Tasks.Extensions.dll
Release/Microsoft.Data.SqlClient.SNI.x86.dll
Release/Microsoft.IdentityModel.Protocols.dll
Release/System.IdentityModel.Tokens.Jwt.dll
Release/it/Microsoft.Data.SqlClient.resources.dll
Release/itext.barcodes.dll
Release/Google.Apis.Gmail.v1.dll
Release/itext.bouncy-castle-connector.dll
Release/System.ClientModel.dll
Release/Microsoft.Identity.Client.Extensions.Msal.dll
Release/HtmlAgilityPack.dll
Release/BouncyCastle.Cryptography.dll
Release/Microsoft.IdentityModel.Protocols.OpenIdConnect.dll
Release/zh-Hant/Microsoft.Data.SqlClient.resources.dll
Release/System.Security.Principal.Windows.dll
Release/NReco.ImageGenerator.dll
Release/Google.Apis.Core.dll
Release/Faker.Net.4.7.dll
Release/ja/Microsoft.Data.SqlClient.resources.dll
Release/Microsoft.IdentityModel.JsonWebTokens.dll
Release/System.CodeDom.dll
Release/Microsoft.Data.SqlClient.SNI.x64.dll
Release/AngleSharp.dll
Release/itextsharp.dll
Release/System.Configuration.ConfigurationManager.dll
Release/itext.pdfa.dll
Release/itext.kernel.dll
Release/System.Runtime.CompilerServices.Unsafe.dll
Release/Newtonsoft.Json.dll
Release/itext.io.dll
Release/System.Security.AccessControl.dll
Release/itext.commons.dll
Release/System.Memory.dll
Release/itext.forms.dll
Release/System.ValueTuple.dll
Release/NReco.PdfGenerator.dll
Release/System.Security.Cryptography.ProtectedData.dll
Release/ko/Microsoft.Data.SqlClient.resources.dll
Release/Microsoft.Extensions.Logging.dll
Release/PreMailer.Net.dll
Release/itext.sign.dll
Release/Microsoft.Extensions.Logging.Abstractions.dll
Release/System.Numerics.Vectors.dll
Release/HTMLEditor.dll
Release/System.Text.Encoding.CodePages.dll
Release/Microsoft.Bcl.AsyncInterfaces.dll
Release/MailKit.dll
Release/Microsoft.Extensions.DependencyInjection.Abstractions.dll
Release/Google.Apis.Auth.dll
Release/de/Microsoft.Data.SqlClient.resources.dll