Advertised as a 'Malware-as-a-Service' (MaaS) threat on various cybercriminal forums, Raccoon is an information stealer targeting victim credentials and cryptocurrency wallets. Seemingly favored by some threat actors due to its simplicity, the malware element of Raccoon omits advanced features, such as those used to evade detection, and instead focuses on the 'stealer' task in hand. Whilst this approach requires those deploying the threat to utilize third-party tools for evasion, such as cryptors or packers to thwart signature-based detection, the ongoing popularity and apparent success of Raccoon suggests that this has not been a problem for many. Lacking their own distribution method, recently observed Raccoon incidents appear to begin with the delivery of malicious document attachments sent via an indiscriminate unsolicited email (malspam) campaign. It is also reported that Raccoon malware has been dropped using third-party exploit kits and other malware families.