Overview

overview

10

Static

static

10

1700-2-0x0...ry.exe

windows7-x64

1

1700-2-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1700-2-0x0000000000400000-0x0000000002287000-memory.dmp

  • Size

    30.5MB

  • MD5

    85d3dae139dd7f16548bacc54ed0a2b5

  • SHA1

    eca210c5bd1fff45fc971f757969560f59dc81ef

  • SHA256

    69f6af4c67bb042ae607124491e4558ad5d170f7aea766707d2f8f3ba297af14

  • SHA512

    fc34bb08758e3e5d32de47d832460a5cff5442360242bf678179ea41f2a0f14a5e1e1aa7cf143d2d89f0627c0b127a9c3d81708a456582c8897bd18f4ccf26e6

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mobSlqL6RJ//5Ok69zlmBMQn/a4:60O9FBn6pbCtRJ/J69zlM

Score
10/10
cf94c33cd30592e5c05e75b8544f18acraccoon

Malware Config

Extracted

Family

raccoon

Botnet

cf94c33cd30592e5c05e75b8544f18ac

C2

http://93.185.166.154:80/

Attributes
  • user_agent

    SunShineMoonLight

xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1700-2-0x0000000000400000-0x0000000002287000-memory.dmp
    .exe windows:6 windows x86


    Headers

    Sections