General
-
Target
2072-2-0x0000000000400000-0x0000000000710000-memory.dmp
-
Size
3.1MB
-
MD5
b205851de31ad61f936bfd859ce30fcf
-
SHA1
13feab0ab9c3094aacb7d33956a4acd7a2039812
-
SHA256
e7a06334a6e0dba9c28d79d430aaaef9546e3155549aeb7557d5ba3ec8c8640e
-
SHA512
296f170bcf8c8375d91ed10f9831eafd8838dcb46dea09917ed21ec584ed797d0567247b0743671432c0ccf9aaa75d698e2e4633512f26c50ad2af7d624e69da
-
SSDEEP
3072:yEfIr0usN5rtB+U7ITo+StMTErFDYpcO2BfNCwkE9VnjnB:yyttI0PtFRh7rnj
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
0da2e3700aa6f05465fdfc323d371488
C2
http://94.142.138.19:80
Attributes
-
user_agent
GeekingToTheMoon
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2072-2-0x0000000000400000-0x0000000000710000-memory.dmp
Headers
Sections