General

  • Target

    2908-23-0x0000000000400000-0x000000000085E000-memory.dmp

  • Size

    4.4MB

  • MD5

    e2b96f789126d8f8ebc1c10e09cd86e0

  • SHA1

    7ffbce5749b3534b353734144501e17082ec95f1

  • SHA256

    03563e7febfb45c840e3a4ddd6d301e170b08460d48313266a0781045dcf52f8

  • SHA512

    99705cfe010e73c2fdc4c2b7e853597362e31c94be0ca94a5139d168f533012dadffbc3c9e249e3eb12a48f9d122a273078824163da1aa10c36c51fc4034fe2e

  • SSDEEP

    3072:9PI6GWpeVsXCLMrxbQtpuFqHqib4pFVqmkStswH9pQURRzK5pHUZ5OeTC8L:9P8WwesMrJQtpmVkmH39pQUTwHU3T

Malware Config

Extracted

Family

raccoon

Botnet

02715ba03fc9d768ba977c72db990ef6

C2

http://193.233.132.30:80/

Attributes
  • user_agent

    MrBidenNeverKnow

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2908-23-0x0000000000400000-0x000000000085E000-memory.dmp
    .exe windows:6 windows x86 arch:x86