Overview

overview

10

Static

static

10

3932-404-0...ry.exe

windows7-x64

3932-404-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3932-404-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    ffac667560b39e141e487ba4f16f845e

  • SHA1

    ac975a2e8cdb2daa820052df0eaffa8289d328af

  • SHA256

    f2965f63d863af03c70bd16d46c49b759c5173c7a1ab9504c482bbe67ad9a501

  • SHA512

    8c72ca8bf1de4feefdf28c62e895d2a4c6e1d21efec6de1f808f533fcb36b30dee5abcc0b0c8d5ce2a0fa81f737c1ee85f25fc38a0e66fccbff9afccb8ef2153

  • SSDEEP

    1536:GY5KCXch1xZEVQnPjUMg0XfXBOwbzR14iwelTKMTarb57b8CBm0DasBIdPKz0def:1Xch1x0QPtfEwP/wUaR7b8CBmChIZKJ

Score
10/10
fc8427198f843d72c1aa8a66db1a98f3raccoon

Malware Config

Extracted

Family

raccoon

Botnet

fc8427198f843d72c1aa8a66db1a98f3

C2

http://91.235.234.235/

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3932-404-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows x86


    Headers

    Sections