Overview

overview

10

Static

static

5056d9c299...9a.exe

windows7_x64

10

5056d9c299...9a.exe

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    194s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    31-05-2021 06:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5056d9c299317929d9f11be9f1858c9a.exe

  • Size

    576KB

  • MD5

    5056d9c299317929d9f11be9f1858c9a

  • SHA1

    5e206d93bcbc31a6b9a87a8966599690938b66e1

  • SHA256

    4b6b6d5e17ad6e15bbe3ea479b43761a8e1fe173cd755e6f72ea2f2ffdb1cdce

  • SHA512

    43d580bdb9434df9a362512e8ea4bf6569a8b4ca2d4773c78adefa02bf4e3df397f10e964088ef4bada97b590891ff1eba7cc9870ee8378800255bc3d0e299a9

Score
10/10
raccoona5cce470ad0d57aff9fa94b5ee2c0c1fc2d802afstealer

Malware Config

Extracted

Family

raccoon

Botnet

a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af

Attributes
  • url4cnc

    https://tttttt.me/baudemars

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\5056d9c299317929d9f11be9f1858c9a.exe
    "C:\Users\Admin\AppData\Local\Temp\5056d9c299317929d9f11be9f1858c9a.exe"
    1⤵
      PID:1100

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1100-59-0x0000000075AF1000-0x0000000075AF3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1100-60-0x0000000001C20000-0x0000000001CB1000-memory.dmp
      Filesize

      580KB

      Download
    • memory/1100-61-0x0000000000400000-0x0000000000498000-memory.dmp
      Filesize

      608KB

      Download