General
-
Target
624-33-0x0000000000400000-0x0000000000497000-memory.dmp
-
Size
604KB
-
MD5
a92894f84493cd850d5b25dc33561894
-
SHA1
7fb30fcb2077e32281411a4fa7aeed72b2dc8b22
-
SHA256
a2af7b3f23a1ac79c324ac63fc9214f4aaeff4b4eea8a39732a26931b5bc24ae
-
SHA512
cb5916bb95a4294495d30d080df314119959d574c9b474b09148e8496a1cb0145f3796abba6ca10d4ee2df46b9a892addca4ba2349056f34f4f39afc626a8654
-
SSDEEP
6144:W0O9FBn6pb30RJ/of/STC47MSzISIyTc6TD:bO9FBni3CJB+4QScSII
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
06c02dbb2bc71b35b706e4b2e04d7f00
C2
http://149.248.79.83:80/
Attributes
-
user_agent
SunShineMoonLight
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
624-33-0x0000000000400000-0x0000000000497000-memory.dmp
Headers
Sections