General

  • Target

    888-61-0x0000000000400000-0x000000000041D000-memory.dmp

  • Size

    116KB

  • MD5

    deb4af2a337faaecbdbd3a85a3c2d870

  • SHA1

    f7e54393b7373391c0535b299df9cffd098fca32

  • SHA256

    8408b6ff3f7b8004d2711bb68f40a288b6d26d8b30b15e7a4ab7f7ba9cbc47f2

  • SHA512

    4dd1e32cda3b5b161f3ee75af7440b6095b5e743c5ddb4b7cb20db9367aa036a1e47997fd5003bd45f52d23c56dcb163a849eb1ab53f361a50d22ddc8d59d3b9

  • SSDEEP

    1536:Bpaiq0I2XvL/5kVvpyITHAOEH8pIZ+msXvsfJre8oJ1C7uj9m:BpaikE/5SppIZ+m2sfJrebJF

Malware Config

Extracted

Family

raccoon

Botnet

f26f614d4c0bc2bcd6601785661fb5cf

C2

http://83.217.11.34

http://83.217.11.35

Attributes
  • user_agent

    901785252112

xor.plain

Signatures

  • Raccoon Stealer V2 payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 888-61-0x0000000000400000-0x000000000041D000-memory.dmp
    .exe windows:6 windows x86 arch:x86

