General

  • Target

    3032-56-0x0000000000400000-0x0000000001B46000-memory.dmp

  • Size

    23.3MB

  • MD5

    facb3ed44f014e8c10c1d6796b7d05c1

  • SHA1

    1fd89fa38105d34726bcb5ca5a8cbccb2afc7104

  • SHA256

    5efc4d8d0488b3dbd92cc262cb53ab42c798c44b77fc8798e58687afa73f696e

  • SHA512

    f2010b3a7fea9fc20effe2aa744296881ae137f3cecbbd315539c17600f0489913f8aba5075eb1856e5b73107ccefc42aa85eb6ee9010a4bc0e48c802f20a447

  • SSDEEP

    3072:YyEwi19qIEM0vclPgyI/MQFep6DOvJFBVZ61CqTB:YDwe6vclPqEQFMTvJh

Malware Config

Extracted

Family

raccoon

Botnet

6bb5fbdb7121bc7ea628330bef79c129

C2

http://5.78.78.150:8088/

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3032-56-0x0000000000400000-0x0000000001B46000-memory.dmp
    .exe windows x86

