General

  • Target

    5052-1224-0x0000000000400000-0x0000000000418000-memory.dmp

  • Size

    96KB

  • MD5

    ee0295779a04df9e7fda6f7ce4510dbd

  • SHA1

    d4d18d7f2c54755c028b85817e9ae587bc7e4ddf

  • SHA256

    3285e4522f70822d77eb7cc91208239749cbb7a0079e7f9f1cc6c0485cac0967

  • SHA512

    62523a074e2e6400107f5889241396811a431871b8d9024fabe217eed0b73c419833c7b396c09fa936925938058b671bc99d6ef191b93bb920f8db902f2c1d66

  • SSDEEP

    1536:BJBM2XPrkZG0OPDvQapPsfvQ2LJ0naCvMq81wUSCL7mXT4HPFYS2mO:BJBM2XPrQEDoapPv2Lma09fE7aceS2mO

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    071a7b18a42c1cd94de2fc5bb0bbcaf2

  • C2

    http://193.142.147.59:80

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5052-1224-0x0000000000400000-0x0000000000418000-memory.dmp
    .exe windows x86

