General

  • Target

    2684-18-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    82ea0c33e421a3d6eaced7b1584bedab

  • SHA1

    b3b2fd1fa38ba7cd2eda4a5e05bf68fb67e263f7

  • SHA256

    9beeadea4e55d388a37816e8bcace37ec9207a1af36be31ab2e1b2504762287a

  • SHA512

    20e0d8a91842d207afffe3f1c2eca8dc330bec6dc8766ee9f014032e55551e3d9a5df2804477be4c75d704ded43665e6f4824fd22752e51a095fa0239d2dd139

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mob2lDL6RJ//5O:60O9FBn6pb+6RJ/

Malware Config

Extracted

Family

raccoon

Botnet

ed0948b14ab8e264a55410711eba05ab

C2

http://91.92.246.197:80/

Attributes
  • user_agent

    SunShineMoonLight

xor.plain

Signatures

  • Raccoon Stealer payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2684-18-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:6 windows x86

