General
-
Target
3724-16-0x0000000000400000-0x000000000041B000-memory.dmp
-
Size
108KB
-
MD5
2168b2f864b5075e76d0c3c984d6ba2f
-
SHA1
e37583da994dce890a95fbdfc2dcf5f0ac9dfae1
-
SHA256
ff55e6d68ce0b42f9c421a15aac36072123b21cdf1845e404a40fc545d00302f
-
SHA512
70eaec0f11e448ff0fdb4bfee5b4a2e66d3a17d52ea0c28a7206f240cba7b57354114883d73c701772238156f808d0f80e2bfb18c1a5f3a5d45c4b594eeff476
-
SSDEEP
3072:VANfQKMuflyKX9FBFya6mob2laL6RJ//5O:60O9FBn6pb+dRJ/
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
5bfc2fea32660a3c43ec3fa8f7188f7e
C2
http://91.103.252.109:80
Attributes
-
user_agent
SunShineMoonLight
xor.plain
Signatures
-
Raccoon Stealer payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3724-16-0x0000000000400000-0x000000000041B000-memory.dmp
Headers
Sections