General

  • Target

    3824-444-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    df2d99fa35944b115e39f50d091a7808

  • SHA1

    88a8a4f77aa39f906c25111ddf07440b7722f151

  • SHA256

    811aa666b62d40e9cff4ba327429848237e76b5441d2406cd2af4265f3c2906c

  • SHA512

    e1b526ec2a6bdc399a7b246957b407670e666b7cf8b63eb9b92475b8a3180f63a527e48442dea79c2726bd2079c39aca15d802b117b09586e25286261c45d1d0

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mobrlEL6RJ//5O:60O9FBn6pbBbRJ/

Malware Config

Extracted

Family

raccoon

Botnet

86a7f0a811515f6c66191dc766ec7b2f

C2

http://216.238.101.101:80/

http://194.87.31

Attributes

  • user_agent

    SunShineMoonLight

  • xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3824-444-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:6 windows x86