General

  • Target

    50f561724dbbc0c2b1db1bd004ecf3c939e330987a7d9be86aa0f7a6cbe0b0a7

  • Size

    97KB

  • MD5

    3c74eb775485eb60c3afcdedc11a6403

  • SHA1

    26464fb9cdbd43d6e4d81da3dbb48106c5df3c16

  • SHA256

    50f561724dbbc0c2b1db1bd004ecf3c939e330987a7d9be86aa0f7a6cbe0b0a7

  • SHA512

    ba5a737ae4aac3fa502e400dcca04f6819128161aad6bb1969769aba022fa65b6eb5e35efdec24f3d608c5cd6b9abf214012b79c0f6e217fc936435d29725356

  • SSDEEP

    3072:lANfQKMuflyKX9FBFya6mob2lqL6RJ//SY:q0O9FBn6pb+tRJ/

Malware Config

Extracted

Family

raccoon

Botnet

5af94340eb260dc0fdec808e00cd2757

C2

http://185.193.125.199:8787

Attributes
  • user_agent

    SunShineMoonLight

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 50f561724dbbc0c2b1db1bd004ecf3c939e330987a7d9be86aa0f7a6cbe0b0a7
    .exe windows:6 windows x86

