General

  • Target

    1900-62-0x0000000001370000-0x0000000001C02000-memory.dmp

  • Size

    8.6MB

  • MD5

    051961374e6a42a1208514a531339619

  • SHA1

    99ec0920d2f417aa56ad326084eb83ef08e59832

  • SHA256

    b5594d6052a550a4de3c2fd8bb25613bf54fcafc169c7ca33573b0cc62da81b1

  • SHA512

    4b085c541eaf250741da60c79a3e43649fcea923449f47a5950c73b74d75c3a2d4daf6055e0e70b0398594f9043d2239f774304386e0d598b0496c9de6b41a47

  • SSDEEP

    98304:4lCe8fJ+0f/FUwWNrjRxj7mvh1o4/GRxzqtCN6HBdqCr1HU6bF0+0EBjyLWyGKNI:a8f4+nWRRxjKI4/I5qQN6Jr106E0oG

Malware Config

Extracted

Family

raccoon

Botnet

3d7feaf596b73f06759c9dbaa8490e71

C2

http://146.19.247.151/

rc4.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

Files

  • 1900-62-0x0000000001370000-0x0000000001C02000-memory.dmp
    .exe windows x86

