Overview

overview

10

Static

static

10

4876-492-0...ry.exe

windows7-x64

4876-492-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4876-492-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    3dd35d7cc847e2af09437d352ce5143b

  • SHA1

    047969c2f02782e550576d472b9fed95e4e09157

  • SHA256

    3c25fdf3cc6d22131f69c74c71ffd53c8f897d2e7ab8781895c38658691b145a

  • SHA512

    6c6ad3e1b2ee775769cb9caed4873ea638b9604754329dbb9d5d126076ffd52822d2aa435c47e147d125b3a81f724e3a467f88757889c54ec46a56afdad16367

  • SSDEEP

    1536:GY5KCXch1xZEVQnPjUMg0XfXBOwbzR14iwelTKMTarb57b8CBm0DasBIdPKz0geF:1Xch1x0QPtfEwP/wUaR7b8CBmChIZKq

Score
10/10
fc8427198f843d72c1aa8a66db1a98f3raccoon

Malware Config

Extracted

Family

raccoon

Botnet

fc8427198f843d72c1aa8a66db1a98f3

C2

http://91.235.234.235/

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4876-492-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows x86


    Headers

    Sections