General

  • Target

    2820-57-0x0000000000400000-0x00000000004E3000-memory.dmp

  • Size

    908KB

  • MD5

    98bdc21e05136a02680b677398f19a19

  • SHA1

    99b93ab6cfcb0eae319bdcc17f936d7f8a454b25

  • SHA256

    05626d99ab1e1aa7969f92a3a4fe88339c0354125ff5be1a2906f969169511ac

  • SHA512

    ee145bdc8ff4f031f45d378cfaa8eaedf7db9b419f0353474624dfaa069ff6cef0db787c954df56ec588533b923b54fdd0b2b7f1fe89398e8fa4fdc6a1fa59b8

  • SSDEEP

    1536:T2t4cybq56O44Wi7Z2DYEXjgJRpHLuPNqKzYs4TyL/fQr8DAzRZ+IHm5L+Cf1z3:YyoWPYETgjpreNbYs4TaB4RZI5LT

Malware Config

Extracted

Family

raccoon

Botnet

6e489b600db6a7cfd6a1b65b9a5a61eb

C2

http://5.78.111.161:8088/

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2820-57-0x0000000000400000-0x00000000004E3000-memory.dmp
    .exe windows x86

