General

  • Target

    3340-141-0x0000000000400000-0x0000000000E17000-memory.dmp

  • Size

    10.1MB

  • MD5

    54abca3f370e5e61249dade147ac1cbc

  • SHA1

    c7552ab5fa1b631e6e29ed28821295be0bde4800

  • SHA256

    1e16dd78ebe8266a2676a3b016894dbc0bf1b28e223888dc5f71335de6ca0fd0

  • SHA512

    f8c4d4b1e1dd6ab8c16a99a8806983cbfa14415c1cf7a22d74439b27b808165f5716c56d6b6f245e38df497ccead159146ab271e64c4097f83575c28414301e0

  • SSDEEP

    196608:943SbNMQBfjyUJcZL1iIilMpJavg7SY5x7MAsbbrQ445Fwx95kHt8ESZhY3ko:943ZQVx6aL6xOY3zYs25St8R

Malware Config

Extracted

Family

raccoon

Botnet

12b578c7e84cde40470e7033ed07e072

C2

http://37.220.87.66/

http://77.73.134.0/

Attributes
  • user_agent

    901785252112

xor.plain

Signatures

  • Raccoon Stealer V2 payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3340-141-0x0000000000400000-0x0000000000E17000-memory.dmp
    .exe windows:6 windows x86 arch:x86

