General

  • Target

    4040-33-0x0000000000400000-0x0000000000416000-memory.dmp

  • Size

    88KB

  • MD5

    4b5ba372f3ce0435086ec55099518ba9

  • SHA1

    03f4f061b0df5d5f73ede2a89ab0f457ec7944a2

  • SHA256

    0ce147f1686624d4f5be0784754e4303beb5dadb3caf1047e8910ab907b85881

  • SHA512

    86e9327b1f34305c2c100df8ae8486cb09283d0063d8cb5812122993435b7e18dc6f5ff9e0fd5bfb30d6b0254878d25b5fad4cc6c46f92a2d55a5878f1dab7c9

  • SSDEEP

    1536:KX0PI6ORWFPekAZZ0XCkSBIPV1Fn1p06QcKUp3M3FqH:9PI6GWpeVsXCLMrxbQOpgFqH

Malware Config

Extracted

Family

raccoon

Botnet

533dd9c84bccbd9ddf7f34e6cd42ad4e

C2

http://178.20.43.58:80/

Attributes

  • user_agent

    MrBidenNeverKnow

  • xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4040-33-0x0000000000400000-0x0000000000416000-memory.dmp
    .exe windows:6 windows x86 arch:x86