General

  • Target

    2008-54-0x0000000000400000-0x000000000091F000-memory.dmp

  • Size

    5.1MB

  • MD5

    3b681ffe28200b9035a6444022538751

  • SHA1

    88173edf10e5cbb5e0c0bee9e73e855a4b188f11

  • SHA256

    39816f3011f853b3e9dffdeeeca56a905b7e421d7a73604fba5489bd9f914e30

  • SHA512

    bc826af88e9671ab4a298879cced4f0b91629ed6298ea4fced045c0dc4b0e53d24eaaed48c3d9b9ecddfaf671fcf951984f9142fa24eaec3463d537dbde1aed6

  • SSDEEP

    98304:Fi9lLmpFq1aQvVde8FivCeGDRsiScOXBgZrzyWGgRSL6O2jSk6adBNWuz+VRD0Mc:I2wUYZFwAurLXBazEgRSSjS5aT1z+/DS

Malware Config

Extracted

Family

raccoon

Botnet

540b1db0b12b23e63e6942952aa03e47

C2

http://45.9.74.36/

http://45.9.74.34/

rc4.plain

540b1db0b12b23e63e6942952aa03e47

Signatures

  • Raccoon family
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

Files

  • 2008-54-0x0000000000400000-0x000000000091F000-memory.dmp
    .exe windows x86


