Overview

overview

10

Static

static

10

3496-268-0...ry.exe

windows7-x64

3496-268-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3496-268-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    d47f37d7e4a3761981df7fef5296aa66

  • SHA1

    8a20ffa4b478b6738a4711fa6e17ec654cd3ef4e

  • SHA256

    a0fb256f701462a7f72948305d4b50e8a5504758f98faface89a6d78ead5b2cc

  • SHA512

    a1aa45d9aec75324e6204c40a3629106608cc1b549359f9871b998a07b37d40bba8c0ebd69652dde09f1b6d24c2db98123757f78d700bcef9e6c6ef73b62cce5

  • SSDEEP

    1536:GY5KCXch1xZEVQnPjUMg0XfXBOwbzR14iwelTKMTarb57b8CBm0DasBIdPKz0fex:1Xch1x0QPtfEwP/wUaR7b8CBmChIZK7

Score
10/10
051b76750ec3fdeb68bf42167dbfc18eraccoon

Malware Config

Extracted

Family

raccoon

Botnet

051b76750ec3fdeb68bf42167dbfc18e

C2

http://185.247.184.58/

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3496-268-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows x86


    Headers

    Sections