General

  • Target

    1276-2-0x0000000000400000-0x0000000000493000-memory.dmp

  • Size

    588KB

  • MD5

    8760254133a1c52637a706dfa01aaf9e

  • SHA1

    44a7208f3d49c7274a1fa11864b73d58d31c8745

  • SHA256

    3fa5a1d3cd267a0f857af08d9bcba1b2d2360d79a5988559aac553d35de157f8

  • SHA512

    ba0c315ad9bba77d72954c7c3b9014d9583d37ce30eb9709c7b0482fbf6967753cb7c67fcd202ded6b94bc6f54f05eecea959274c12ba9ee41668b2ebef4c728

  • SSDEEP

    6144:60O9FBn6pbHLRJ/KVXaEa2AzTkb0xLWay+B2SlZY2TJEyZwFhbQI0ftG5x6nAg9v:HO9FBniHNJxLBf2SfZYbf0tG58nAnbc

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    17ac5bf38b1a6b1d4173afdd8ddb90cf

  • C2

    http://176.113.115.213:80/

  • Attributes

    • user_agent

      SunShineMoonLight

    • xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1276-2-0x0000000000400000-0x0000000000493000-memory.dmp
    .exe windows:6 windows x86
