General

  • Target

    3556-20-0x0000000000400000-0x000000000041C000-memory.dmp

  • Size

    112KB

  • MD5

    39fa0dc2cef5d0ea4c98d9ae1a4fbfac

  • SHA1

    50be6757add85ea41c33f50dbec2c71eaaee343e

  • SHA256

    884db2a775ae66d35ffd469e88e4f96723a86b9d7ee4c705541d9c11db7e2d73

  • SHA512

    97096c825e64ad2ce40a5d9203be6127d074d0d4d7062bc1c49eb55008d399c26952487768f12535851b41132aedc6b762e5badccd25fc82d5c5541aa6cd9233

  • SSDEEP

    3072:RANfQKMuflyKX9FBFya6mobwl5L6RJ//5OV3Sj:e0O9FBn6pbk8RJ/G3w

Malware Config

Extracted

Family

raccoon

Botnet

5e2505d8647542f05843f89ae7cd18e7

C2

http://65.109.2.42:80/

Attributes
  • user_agent

    SunShineMoonLight

  • xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3556-20-0x0000000000400000-0x000000000041C000-memory.dmp
    .exe windows:6 windows x86