General

  • Target

    696-19-0x0000000000400000-0x0000000000416000-memory.dmp

  • Size

    88KB

  • MD5

    24b9df54deff63fa5acda9b5751cb73c

  • SHA1

    747a17d535e18fc2e76e1625663e82f67a690e04

  • SHA256

    230ffa571beb4fba65a78cbf0aa8792a917a31fd020582123f27ec89b15728e4

  • SHA512

    ed862cd5f8969f909df01f44d019c375c081d60bb2aec133563db97279fea5bd4dee548b658a1199191ddc09a9417907d0f03b1a6c65e93eaf255b807275c9a4

  • SSDEEP

    1536:KX0PI6ORWFPekAZZ0XCkSBIPV1Fn1p06QcKUp3IFqH:9PI6GWpeVsXCLMrxbQOp4FqH

Malware Config

Extracted

Family

raccoon

Botnet

2637bf45ccfc8a2d57025feab0be0b31

C2

http://194.116.173.154:80

Attributes

  • user_agent

    MrBidenNeverKnow

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 696-19-0x0000000000400000-0x0000000000416000-memory.dmp
    .exe windows:6 windows x86 arch:x86
    Headers

    Sections