General
-
Target
testim.exe
-
Size
50KB
-
MD5
c4daf7d192051084f86d3a1e59a54b5c
-
SHA1
d37696a7aaa38f635a4e141de5676b4dd8e31d24
-
SHA256
c7a7929e63b2b6d66e4a7f635e3eafbde6395f535b6309284a61f1ffa2574c22
-
SHA512
8dbf535735e58bff034928bd124779627a73eb9d6271676468f5a9761f91dea8ac650fbbb1a4ca50365efbae366d1bc4775df17fafe41ca0d7f1ab108a0fa06e
-
SSDEEP
768:TVcCo1dt4cybqx7P9vm9Rg6+E7apmW8mski:T2t4cybq56O84
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
3bba6bdffad58ab26c21139b4d8dd3ad
C2
http://91.103.252.140:80y
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
testim.exe
8293f3c89c8bdc2a5d082fbe7d24c76c
Headers
Imports
Sections