Conclusion
Origin Logger is a variant of Agent Tesla: it is built on top of it and inherits all of its capabilities. The malware spreads through spam emails carrying a malicious attachment, and it exfiltrates user accounts, passwords and other information from the infected machine.
Infection through Email
The infection starts with a spam email that carries an .ISO file as its attachment. The .ISO file contains only a single executable, which uses a PDF icon so that it passes for a document.
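A triage check for this kind of attachment, added here as an example and not part of the original analysis: it parses the ISO 9660 directory directly (no third-party library), lists every file in the image, and flags any file that carries a PE header, whatever its name or extension. That goes slightly beyond the page's case (an .exe shown with a PDF icon): a PE stored under a document name is flagged too. The check reads the file header, not the icon resource, which is the robust way to answer "is this a program?". The image, the file names and the stub executable are all constructed in memory for the example; only plain ISO 9660 level-1 names from the primary volume descriptor are walked (Joliet and Rock Ridge extensions are ignored).

```python
import struct
from dataclasses import dataclass

SECTOR = 2048  # ISO 9660 logical block size


@dataclass
class IsoEntry:
    path: str
    lba: int
    size: int
    is_dir: bool


def _dir_records(img, lba, size):
    """Yield (identifier, extent_lba, data_length, flags) for one directory extent."""
    buf = img[lba * SECTOR: lba * SECTOR + size]
    off = 0
    while off < len(buf):
        rec_len = buf[off]
        if rec_len == 0:  # zero fill: records never span a sector, skip to the next one
            off = (off // SECTOR + 1) * SECTOR
            continue
        rec = buf[off:off + rec_len]
        ident = rec[33:33 + rec[32]]
        extent = int.from_bytes(rec[2:6], "little")   # little-endian half of the both-endian field
        length = int.from_bytes(rec[10:14], "little")
        yield ident, extent, length, rec[25]
        off += rec_len


def list_iso(img):
    """Walk the primary volume descriptor's directory tree and return all entries."""
    pvd = img[16 * SECTOR: 17 * SECTOR]
    if pvd[0] != 1 or pvd[1:6] != b"CD001":
        raise ValueError("no ISO 9660 primary volume descriptor at sector 16")
    root = pvd[156:190]  # root directory record embedded in the PVD
    entries = []

    def walk(lba, size, prefix):
        for ident, extent, length, flags in _dir_records(img, lba, size):
            if ident in (b"\x00", b"\x01"):  # "." and ".." entries
                continue
            name = ident.decode("ascii", "replace").split(";")[0]  # drop the ";1" version suffix
            is_dir = bool(flags & 0x02)
            entries.append(IsoEntry(prefix + "/" + name, extent, length, is_dir))
            if is_dir:
                walk(extent, length, prefix + "/" + name)

    walk(int.from_bytes(root[2:6], "little"), int.from_bytes(root[10:14], "little"), "")
    return entries


def is_pe(blob):
    """True if blob starts with an MZ stub whose e_lfanew points at a PE signature."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    return blob[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def triage_iso(img):
    """Return (path, reason) for every file in the image that is really a PE executable."""
    findings = []
    for e in list_iso(img):
        if e.is_dir:
            continue
        blob = img[e.lba * SECTOR: e.lba * SECTOR + e.size]
        if not is_pe(blob):
            continue
        ext = e.path.rsplit(".", 1)[-1].lower() if "." in e.path else ""
        reason = "PE executable"
        if ext not in ("exe", "dll", "scr", "com"):
            reason += f" disguised with .{ext} extension"
        findings.append((e.path, reason))
    return findings


def build_iso(files):
    """Constructed sample: a minimal single-directory ISO 9660 image (not a real attachment)."""
    def both(v, n):  # ISO 9660 stores integers little-endian and big-endian back to back
        return v.to_bytes(n, "little") + v.to_bytes(n, "big")

    def record(ident, lba, size, flags):
        body = b"\x00" + both(lba, 4) + both(size, 4) + bytes(7) + bytes([flags, 0, 0]) + both(1, 2)
        body += bytes([len(ident)]) + ident + (b"\x00" if len(ident) % 2 == 0 else b"")
        return bytes([len(body) + 1]) + body

    root_lba, next_lba = 18, 19  # sectors 0-15 system area, 16 PVD, 17 terminator, 18 root dir
    records = record(b"\x00", root_lba, SECTOR, 0x02) + record(b"\x01", root_lba, SECTOR, 0x02)
    data = b""
    for name, content in files:
        nsec = max(1, -(-len(content) // SECTOR))
        records += record(name.encode("ascii") + b";1", next_lba, len(content), 0)
        data += content.ljust(nsec * SECTOR, b"\x00")
        next_lba += nsec
    pvd = bytearray(SECTOR)
    pvd[0:7] = b"\x01CD001\x01"
    pvd[156:190] = record(b"\x00", root_lba, SECTOR, 0x02)
    term = bytearray(SECTOR)
    term[0:7] = b"\xffCD001\x01"
    return bytes(16 * SECTOR) + bytes(pvd) + bytes(term) + records.ljust(SECTOR, b"\x00") + data


def fake_pe():
    """Constructed sample: the smallest blob is_pe() accepts, standing in for the dropper."""
    hdr = bytearray(0x40)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\x00\x00" + bytes(20)


# Constructed sample: names and contents are made up, not taken from the real campaign
SAMPLE_ISO = build_iso([
    ("INVOICE.EXE", fake_pe()),        # the page's case: an .exe shown with a PDF icon
    ("REPORT.PDF", fake_pe()),         # a PE hiding behind a document extension
    ("README.TXT", b"not a program"),  # harmless text file
])
```

Running `triage_iso(SAMPLE_ISO)` reports INVOICE.EXE as a PE executable and REPORT.PDF as a PE disguised with a .pdf extension, while README.TXT is not reported. Mounting the ISO on a Windows host is what the lure relies on; reading the directory from the raw image keeps the triage off-host.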
Conclusion
Raccoon Stealer V2 (also known as RecordBreaker) is a stealer sold as a service for about $200 per month. It is a new version of the Raccoon Stealer that first appeared in 2019, went quiet for a while and then returned as this new stealer, known as RecordBreaker.
It comes with a lot of capabilities and can grab a wide range of sensitive information:
- Steal victim system information
- Steal usernames and passwords stored in the browser
- Steal browser autofill information
- Steal credit card information
- Steal cryptocurrency wallet information
- Steal Bitcoin wallets
- Grab any file from the victim's system
- Take screenshots of the victim's system
- Load the next stage

Analysis
First Look
We start with basic static analysis. Detect It Easy reports that the file does not appear to be packed.
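One way to sanity-check a "not packed" verdict such as Detect It Easy's, added here as an example (it is not the page's own tooling and not how DIE works internally): read the PE section table and report the usual packing signs, namely known packer section names, section entropy close to 8 bits per byte, a section with no raw data but a large virtual size (the unpack target), and sections that are both writable and executable. The two PE images are constructed in memory, and the set of packer section names is a small illustrative assumption rather than a complete list.

```python
import hashlib
import math
import struct

# Section names left by a few common packers (assumption: a small illustrative set, not exhaustive)
PACKER_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".aspack", ".vmp0", ".vmp1", ".themida"}

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def shannon_entropy(data):
    """Bits of entropy per byte: 0.0 for empty input, 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def pe_sections(blob):
    """Yield (name, raw_bytes, virtual_size, characteristics) from the PE section table."""
    if blob[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    if blob[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsections = struct.unpack_from("<H", blob, coff + 2)[0]
    opt_size = struct.unpack_from("<H", blob, coff + 16)[0]
    table = coff + 20 + opt_size  # section headers follow the optional header, 40 bytes each
    for i in range(nsections):
        hdr = blob[table + 40 * i: table + 40 * (i + 1)]
        name = hdr[:8].rstrip(b"\x00").decode("ascii", "replace")
        vsize, _vaddr, rawsize, rawptr = struct.unpack_from("<IIII", hdr, 8)
        chars = struct.unpack_from("<I", hdr, 36)[0]
        yield name, blob[rawptr:rawptr + rawsize], vsize, chars


def packing_indicators(blob, entropy_threshold=7.0):
    """Return human-readable packing indicators; an empty list means none were seen."""
    findings = []
    for name, raw, vsize, chars in pe_sections(blob):
        ent = shannon_entropy(raw) if raw else 0.0
        if name in PACKER_SECTION_NAMES:
            findings.append(f"{name}: known packer section name")
        if raw and ent >= entropy_threshold:
            findings.append(f"{name}: entropy {ent:.2f}, looks compressed or encrypted")
        if not raw and vsize > 0:
            findings.append(f"{name}: no raw data but {vsize:#x} bytes virtual, an unpack target")
        if chars & IMAGE_SCN_MEM_EXECUTE and chars & IMAGE_SCN_MEM_WRITE:
            findings.append(f"{name}: executable and writable, code may rewrite itself")
    return findings


def build_pe(sections):
    """Constructed sample: a minimal PE32 with the given (name, raw, vsize, chars) sections.
    Only the fields the checks above read are filled in; it is not a runnable program."""
    align = 0x200
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    headers_end = -(-(0x40 + 4 + 20 + len(opt) + 40 * len(sections)) // align) * align
    raw_ptr, vaddr, table, body = headers_end, 0x1000, b"", b""
    for name, raw, vsize, chars in sections:
        raw_size = -(-len(raw) // align) * align
        table += name.encode("ascii").ljust(8, b"\x00")
        table += struct.pack("<IIII", vsize, vaddr, raw_size, raw_ptr if raw else 0)
        table += struct.pack("<IIHHI", 0, 0, 0, 0, chars)
        body += raw.ljust(raw_size, b"\x00")
        raw_ptr += raw_size
        vaddr += -(-max(vsize, len(raw), 1) // 0x1000) * 0x1000
    return bytes((dos + b"PE\x00\x00" + coff + opt + table).ljust(headers_end, b"\x00") + body)


def _pseudo_random(n, seed=b"constructed"):
    """Deterministic high-entropy filler (a SHA-256 chain) standing in for packed code."""
    out, h = b"", seed
    while len(out) < n:
        h = hashlib.sha256(h).digest()
        out += h
    return out[:n]


CODE, IDATA, UDATA, READ = 0x20, 0x40, 0x80, 0x40000000
# Constructed samples, not the binaries analysed on this page
UNPACKED_SAMPLE = build_pe([
    (".text", bytes(range(16)) * 256, 0x1000, CODE | IMAGE_SCN_MEM_EXECUTE | READ),
    (".data", b"plain config\x00" * 64, 0x400, IDATA | READ | IMAGE_SCN_MEM_WRITE),
])
PACKED_SAMPLE = build_pe([  # the UPX layout: empty UPX0 to unpack into, compressed UPX1
    ("UPX0", b"", 0x20000, UDATA | IMAGE_SCN_MEM_EXECUTE | READ | IMAGE_SCN_MEM_WRITE),
    ("UPX1", _pseudo_random(0x1000), 0x1000, CODE | IMAGE_SCN_MEM_EXECUTE | READ | IMAGE_SCN_MEM_WRITE),
])
```

`packing_indicators(UNPACKED_SAMPLE)` returns an empty list, while the packed sample trips every check. Treat the entropy rule as a hint rather than a verdict: a legitimate resource section holding compressed images or an embedded certificate also scores high, which is why a signature-based tool's opinion and the section-level view are best read together.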