General

  • Target

    1228-55-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • MD5

    64d840c9e462fd234c6426a170ba4080

  • SHA1

    870752d63fe4a711ee960e6dbee29f69793803bf

  • SHA256

    b619f2969a640aefb49857462a1b4118db2e6ebbc45f53603833a1da3e209c0d

  • SHA512

    f1ab7608aa73493147bbc430b73b9ad8d8acc515e06d933dc04984382215757b5438bc30f7f38084888386ae1051daaeb9b7a0a1b8b8463bf9384f7ff95db4f6

  • SSDEEP

    1536:IVp01Eca2z/LvhbUDZUN1T04K3rJJOFOE:j1EcfBUDZi03K

Malware Config

Extracted

Family

raccoon

Botnet

94c54520400750937a6f1bf6044f8667

C2

http://194.37.80.221/

xor.plain

Signatures

  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1228-55-0x0000000000400000-0x0000000000412000-memory.dmp
    .exe windows x86

