General

  • Target

    2692-18-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    1b551d903a672792d8e4d597215e37af

  • SHA1

    40d4161777a601c9056a89dd484edacb1288c855

  • SHA256

    9a94937cd630e15f14f69f8102c79db402e57c075cd2b9f50d388fe9fded101a

  • SHA512

    09a8d39c29390fdbc39334c0fb4f5cc1a8a8076ef0117638792b71cfce674e73269e3947d1b806d09cb96456fe5a7a0f8d3541e2e3b660850b673945b51a0a3a

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mob2l1L6RJ//5O:60O9FBn6pb+ARJ/

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    66abb93700da7ce4fb9f52da912f5cf3

  • C2

    http://45.61.138.198:80/

  • Attributes

      • user_agent

        SunShineMoonLight

      • xor.plain

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2692-18-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:6 windows x86