General

  • Target

    1256-2921-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    aa53274718d5f0fa72ca46e401142a1f

  • SHA1

    39719d4f3af6b1edc3e6c31eec4a833f5b71c7f7

  • SHA256

    49cb3f90f6f751fae502d2fb6e912627e9c49cde583e0d17a74f5551d1c15a26

  • SHA512

    d26ae80e772b1f56a6b3e896e5cc5ea9e5fd395e6d9616e00c33058e2cade1e03f56d989bfa0b0efdecb3d635784140eaf7ad44aa0208bf20a9b85a7c35d8dff

  • SSDEEP

    3072:VANfQKMuflyKX9FBFya6mob9l3L6RJ//5O:60O9FBn6pb/WRJ/

Malware Config

Extracted

Family

raccoon

Botnet

c78f27a0d43f29dbd112dbd9e387406b

C2

http://31.192.237.23:80/

http://193.233.132.12:80/

Attributes
  • user_agent

    SunShineMoonLight

  • xor.plain
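
The extracted configuration above gives two C2 URLs and a fixed User-Agent string, which is enough to retro-hunt proxy or Zeek HTTP logs and to confirm that a dump you are holding is the one this report describes. The following Python is an added example, not part of the sandbox report or of any Raccoon tooling: it carries the IoCs exactly as listed above, scans a few constructed sample log lines (the log format and the sample traffic are assumptions, not traffic from this analysis), and checks a byte string's digests against the report's hashes.

```python
"""Match the Raccoon Stealer IoCs from the report against HTTP log lines and file hashes."""
import hashlib
import re
from urllib.parse import urlparse

# IoCs copied verbatim from the report above.
C2_URLS = ["http://31.192.237.23:80/", "http://193.233.132.12:80/"]
USER_AGENT = "SunShineMoonLight"
DUMP_HASHES = {
    "md5": "aa53274718d5f0fa72ca46e401142a1f",
    "sha1": "39719d4f3af6b1edc3e6c31eec4a833f5b71c7f7",
    "sha256": "49cb3f90f6f751fae502d2fb6e912627e9c49cde583e0d17a74f5551d1c15a26",
}

# Match on the host, not the full URL: the beacon path and port may vary.
C2_HOSTS = {urlparse(u).hostname for u in C2_URLS}

# Assumed log format (one request per line): timestamp src-ip method url "user-agent".
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) (?P<method>\S+) (?P<url>\S+) "(?P<ua>[^"]*)"$'
)

# Constructed sample traffic, not from the report: two beacons to the first C2,
# a benign request, a UA-less request to the second C2, and the UA on an unknown host.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z 10.0.0.5 GET http://31.192.237.23:80/ "SunShineMoonLight"
2024-01-01T10:00:02Z 10.0.0.5 POST http://31.192.237.23/ "SunShineMoonLight"
2024-01-01T10:00:03Z 10.0.0.7 GET http://example.com/index.html "Mozilla/5.0"
2024-01-01T10:00:04Z 10.0.0.9 GET http://193.233.132.12/ "Mozilla/5.0"
2024-01-01T10:00:05Z 10.0.0.9 GET http://203.0.113.4/ "SunShineMoonLight"
"""


def classify(line: str) -> list[str]:
    """Return the list of IoC reasons a single log line matches (empty if none)."""
    m = LOG_RE.match(line)
    if not m:
        return []  # unparseable line: skip rather than guess
    reasons = []
    host = urlparse(m["url"]).hostname
    if host in C2_HOSTS:
        reasons.append(f"c2_host:{host}")
    if m["ua"] == USER_AGENT:
        reasons.append("user_agent")
    return reasons


def scan(log_text: str) -> list[tuple[int, str, list[str]]]:
    """Scan a whole log; return (line_no, src_ip, reasons) for every matching line."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        reasons = classify(line)
        if reasons:
            hits.append((n, LOG_RE.match(line)["src"], reasons))
    return hits


def match_hashes(data: bytes) -> set[str]:
    """Return the set of algorithms whose digest of `data` equals the report's value."""
    return {
        alg for alg, expected in DUMP_HASHES.items()
        if hashlib.new(alg, data).hexdigest() == expected
    }


if __name__ == "__main__":
    for line_no, src, reasons in scan(SAMPLE_LOG):
        print(f"line {line_no}: {src} -> {', '.join(reasons)}")
```

A hit on C2 host alone can be a shared-hosting false positive, and the IPs in a stealer config rotate quickly; a line matching both the host and the User-Agent is the strong signal and is what to pivot on first. `match_hashes` is deliberately written over bytes rather than a path so the same routine can be pointed at a carved memory region as well as a file on disk.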

Signatures

  • Raccoon Stealer payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1256-2921-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:6 windows x86