General
-
Target
1824-104-0x0000000000400000-0x000000000041C000-memory.dmp
-
Size
112KB
-
MD5
8b9e1e4a3e8492997d4b019cf21749a2
-
SHA1
84af6d37f51e0b25b6e6986ed29e37f56a5d7adb
-
SHA256
2752d53d461f9fed8cf7aa64bb6c9b47d979fe4a638e115a57081cbef5823d35
-
SHA512
e7d005f5e9194c07a8f266228699c4eb2a0565f875a6aef2ad730c104b314bcc26f71f9550ca4f30c46a425787e259acfc6577765b40ba2ba5fdefa3006687c2
-
SSDEEP
3072:oEfIr0usN5rtB+U7ITo+StwTEAFDYpcOttnt3:oyttI0PtJI+nt3
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
4fd5203c1fc4dac79a7960272b609592
C2
http://5.206.224.46:80
Attributes
-
user_agent
GeekingToTheMoon
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1824-104-0x0000000000400000-0x000000000041C000-memory.dmp
Headers
Sections