General

  • Target

    812-21-0x0000000000400000-0x000000000085E000-memory.dmp

  • Size

    4.4MB

  • MD5

    3e12c523df68a9ca7eeebca2f5fec1d8

  • SHA1

    dcf3fb05046659bc1250a2559f2b69e94c2d6d7d

  • SHA256

    22e1040d8388922ba9113667b307b621f42511cbcb3c86c2502c53b6fad884c3

  • SHA512

    d33bc415c5e5ea66be6e26bab3268fd9160d68e54cf93a03f5262f9a2162e7c1bb5912b3594f036e71d3283e8c9202be22886f42aeacb6a3fe06cd1fc31e5a97

  • SSDEEP

    3072:9PI6GWpeVsXCLMrxbQZpuFqHOb4pFVqmkStswH9pQURRGEpHUZ5OeTC8L:9P8WwesMrJQZpm8kmH39pQUm6HU3T

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    02715ba03fc9d768ba977c72db990ef6

  • C2

    http://193.233.132.30:80/

  • Attributes

      • user_agent

        MrBidenNeverKnow

      • xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 812-21-0x0000000000400000-0x000000000085E000-memory.dmp
    .exe windows:6 windows x86 arch:x86