Overview

overview

10

Static

static

10

4120-633-0...ry.exe

windows7-x64

1

4120-633-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4120-633-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    63c135872ded716a5d5129d39aef8eda

  • SHA1

    e03800d4d0ea6dfaeb4096ca72ed551d132b6c5f

  • SHA256

    23424c6b709b60f15000968b6aa00b71dc6f8a1058a4945724a6e2f0d8d6b486

  • SHA512

    e0dc1b03064aab424d72f5527cfc182bcdda8f2070045af14aa618a5db3671f873dbfc0033956b438e19a1fe2c970aee5efe851be2847ff344f4ad0c9f298e87

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mobulzL6RJ//5O:60O9FBn6pbGqRJ/

Score
10/10
5deca8f8467af8bb055ed4c7694228bfraccoon

Malware Config

Extracted

Family

raccoon

Botnet

5deca8f8467af8bb055ed4c7694228bf

C2

http://91.103.252.209:80/

Attributes
  • user_agent

    SunShineMoonLight

xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4120-633-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:6 windows x86


    Headers

    Sections