2ad5f75c513d2c04d919089da447c26c.exe

General
Target

2ad5f75c513d2c04d919089da447c26c.exe

Filesize

667KB

Completed

30-06-2020 08:51

Score

10/10
MD5

2ad5f75c513d2c04d919089da447c26c

SHA1

8d8ed7159184b38118333b036b1548722f8e3c62

SHA256

f1202fc6dd5316b3532deee6847c5ef3ae472ad51fd764f64b03ebc8dc13c723

Malware Config

Extracted

Path C:\Users\Admin\AppData\LocalLow\machineinfo.txt
Family raccoon
Ransom Note
[Raccoon Stealer] - v1.5.11 Release Build compiled on Fri May 8 14:39:40 2020
Launched at: 2020.06.30 - 08:49:22 GMT
Bot_ID: BAE8C589-5DA1-4C62-BE46-F8D74908CB8C_Admin
Running on a desktop
=R=A=C=C=O=O=N=
System Information:
- System Language: English
- System TimeZone: -0 hrs
- IP: 154.61.71.51
- Location: 37.750999, -97.821999 | ?, ?, United States (?)
- ComputerName: AVGLFESB
- Username: Admin
- Windows version: NT 6.1
- Product name: Windows 7 Professional
- System arch: x64
- CPU: Persocon Processor 2.5+ (2 cores)
- RAM: 2047 MB (400 MB used)
- Screen resolution: 1280x720
- Display devices: 0) Standard VGA Graphics Adapter
============
Signatures

    Downloads
    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\freebl3.dll

    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\mozglue.dll

    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\msvcp140.dll

    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\nss3.dll

    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\softokn3.dll

    • \Users\Admin\AppData\LocalLow\3098htrhpen8ifg0\vcruntime140.dll

    • \Users\Admin\AppData\LocalLow\sqlite3.dll

    • memory/1064-0-0x0000000001BAC000-0x0000000001BAD000-memory.dmp

    • memory/1064-1-0x00000000033B0000-0x00000000033C1000-memory.dmp

    • memory/1824-10-0x0000000000000000-mapping.dmp

    • memory/1836-11-0x0000000000000000-mapping.dmp