General
-
Target
340-2-0x0000000000400000-0x0000000002434000-memory.dmp
-
Size
32.2MB
-
MD5
7e88e7670c925f9b24733920f1667629
-
SHA1
c760fa589340351b8a8c98b2cf531012a8a15cab
-
SHA256
b37d156d9e373c12d75430799f345bf0e2b06559796decbec6c9f03d35358123
-
SHA512
b62f532474a457bc3d0fddc91273b31562f4657c2661f97754c0210e13535850156d565b562a5f792b5f2f3a7aec82d2b9f827c29499b7f2dc53758889fefe30
-
SSDEEP
3072:VANfQKMuflyKX9FBFya6mobAlOL6RJ//5OdyTeGH1LxC3ny7GWNALjdpZ5JGfF2o:60O9FBn6pb05RJ/6yKGH9xC3y7Wk92n
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
9c05379df6f1d02ae49f9ee18aad8c17
C2
http://5.78.80.43:8388/
Attributes
-
user_agent
SunShineMoonLight
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
340-2-0x0000000000400000-0x0000000002434000-memory.dmp
Headers
Sections