Overview

overview

10

Static

static

10

1860-133-0...ry.exe

windows7-x64

1860-133-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1860-133-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    5f28a36f32de19592e86a5dc7a85f119

  • SHA1

    9575e51de213f2a51d69a65f08f6af383f1d9b37

  • SHA256

    33658f6905dd316a07ed40d3579da40b4c4e4d7c0ef94c2a74f0c234f08d4625

  • SHA512

    86a1af3371b5fb30f25ab97840959c8275e76e089d5e68480819c791e96a837fd49e07ea2b84d7704a987cc0f9a71c6d2c0b7f5e8a04075b27e8d74cd00b1fd7

  • SSDEEP

    1536:GY5KCXch1xZEVQnPjUMg0XfXBOwbzR14iwelTKMTarb57b8CBm0DasBIdPKz0fex:1Xch1x0QPtfEwP/wUaR7b8CBmChIZK7

Score
10/10
b11c37ed36597cb6d2adb8b6280a6e12raccoon

Malware Config

Extracted

Family

raccoon

Botnet

b11c37ed36597cb6d2adb8b6280a6e12

C2

http://94.142.138.32

xor.plain

Signatures

  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1860-133-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows x86


    Headers

    Sections