Overview

overview

10

Static

static

10

3940-176-0...ry.exe

windows7-x64

3940-176-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3940-176-0x0000000000400000-0x0000000000445000-memory.dmp

  • Size

    276KB

  • MD5

    5ff2bbab22a89cc7ae4b026054306221

  • SHA1

    1d507733c46ae18ecc51feb380fb39df96835457

  • SHA256

    ac148d19031ac539e9453e7b1df6b85685bcd5696ab9d706ed4eb98f8da3ed71

  • SHA512

    de25946327953d79a00c001640599acff178689e010dadab84b2d6e95356318cb0ca1b0c4e42a7f5eead62c0c537521b6bb7fb57faba3f2da6a79d9432ad765c

  • SSDEEP

    6144:icNf7P/wxlb7BmHz9No59hdjhkeCFWO3EMQ:FN7pP6zM

Score
10/10
fc8427198f843d72c1aa8a66db1a98f3raccoon

Malware Config

Extracted

Family

raccoon

Botnet

fc8427198f843d72c1aa8a66db1a98f3

C2

http://193.149.180.192/

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3940-176-0x0000000000400000-0x0000000000445000-memory.dmp
    .exe windows x86


    Headers

    Sections