General

  • Target

    2044-57-0x0000000000400000-0x00000000015AE000-memory.dmp

  • Size

    17.7MB

  • MD5

    572afc5d31e50926c4fae24aefed41fb

  • SHA1

    022bad25cbe0440e07663d661e96286804a9bd2d

  • SHA256

    4e284c2f0385dcbb2d08a03fafb03d3381e217082ef681b386085d1bfe18968b

  • SHA512

    dc0230c0ce767cd45067e76453a8887b10de72310d1e3abb3fa56904c75ea1f5f01575e84cced6e4a984185e30f6074b4d32570f4007492c33bb724aba64c1f6

  • SSDEEP

    393216:WsRLWoJAiUuYzzmdojvhMsgptun6Y3WwdxB7ehLGI:5DWuPepoun5Gwdj7SLGI

Malware Config

Extracted

Family

raccoon

Botnet

74792170e2ae861332d483b2cb2fedaf

C2

http://83.217.11.9/

http://45.9.74.60/

http://45.9.74.68/

Attributes
  • user_agent

    8403675430963473409

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2044-57-0x0000000000400000-0x00000000015AE000-memory.dmp
    .exe windows:6 windows x86 arch:x86

