General

  • Target

    4348-121-0x0000000000400000-0x0000000000425000-memory.dmp

  • Size

    148KB

  • MD5

    a831a898f09c52fc96ffed7f7ea9d2d0

  • SHA1

    d8a9b6dd31cdee233495412e51d9e21b75c3d99d

  • SHA256

    0c1e51f723d3d1d45f1c742f1bb6cf9568c677e40c8cf14f5a0e8dc34a789173

  • SHA512

    00329382ef5813c68dabec2988b7a3e41ab4699a3199882a449d4501bf135d19bc397c209555093694ced3d5922bedfd0cf1fc35b76c064478b19c02b6606c02

  • SSDEEP

    3072:q4Unb10Voi63pXRS8uEJSXDPmRTEsBa8:46G31RruEJhHa8

Malware Config

Extracted

Family

raccoon

Botnet

d15b2a098a1d89dc2193053e1faacd88

C2

http://146.70.106.55/

Attributes

  • user_agent

    B1D3N_RIM_MY_ASS

  • xor

    plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4348-121-0x0000000000400000-0x0000000000425000-memory.dmp
    .exe windows:6 windows x86 arch:x86