Overview

overview

10

Static

static

10

3512-465-0...ry.exe

windows7-x64

3512-465-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3512-465-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    3f5a8f45dacb741212ebca24bfa80fdc

  • SHA1

    567919e0c93dbf5ea0d1d26bf96984ddbcc6ab0a

  • SHA256

    4fdbf7bd767e79b74ad7daf3256cc55ce4de85857e539c1674fef905d29d6035

  • SHA512

    d472f0326e8703b94aa07376adea02253121c9286132e911b9dfa279309b1a9b735cf0dd4ffa22a441228857e23019a301a4add989f646ba586eb04be45b577b

  • SSDEEP

    3072:1Xch1x0QPtfEwP/wUaR7b8CBmChIZKgZ:1cNf7P/wxlb7BmH

Score
10/10
fc8427198f843d72c1aa8a66db1a98f3raccoon

Malware Config

Extracted

Family

raccoon

Botnet

fc8427198f843d72c1aa8a66db1a98f3

C2

http://91.235.234.235/

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3512-465-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows x86


    Headers

    Sections