General

  • Target

    568-1223-0x0000000000400000-0x0000000000418000-memory.dmp

  • Size

    96KB

  • MD5

    90223d0d7937c51e6bcfb11def5f0234

  • SHA1

    8624c4e62443c592182487ec2e0f73f59b876f3a

  • SHA256

    dc24b4bc215bd42a910487c40de840dabaeae482698f9723d4a28a4ffc43b819

  • SHA512

    afcb64ea1451f3ae7a999bd066a2dd22ab814f890df4dbabeb839d49f19d5b2ed9847ce24c3bbacaa3fccc47de2a28182a8ab068737b40f23438e4612ce42d3c

  • SSDEEP

    1536:BJBM2XPrkZG0OPDvQapPsfvQ2LJ0naCvMq81wUSCL7/XT5HPFYS2mO:BJBM2XPrQEDoapPv2Lma09fE77BeS2mO

Malware Config

Extracted

Family

raccoon

Botnet

fa72f4c1fbe65cee8651140fd47267ba

C2

http://193.142.147.59:80

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 568-1223-0x0000000000400000-0x0000000000418000-memory.dmp
    .exe windows x86

