Overview

overview

10

Static

static

10

1712-57-0x...ry.exe

windows7-x64

1712-57-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1712-57-0x0000000000400000-0x0000000001A8F000-memory.dmp

  • Size

    22.6MB

  • MD5

    1e942fb3b0ebfe2c8cbc14e9eca36d1b

  • SHA1

    a24111cf59a4e6e54497255b7b6e58529586ffa1

  • SHA256

    18b0674773b8e453e58bde026a56d5b33af09b797dbcb78d737baf9b1a9a4fb9

  • SHA512

    4fe7f329dfd3acd6b60b83c93ed647c8897d8136ff5541702e800b3b971eed439c5c219d0641f2642973ad9d5e18b80d1e55de22e199754ac01f8b38803e9e6b

  • SSDEEP

    393216:xwywAztUhTL/VxTUZJYL3x9AOgNtnrZh+1OXWQaqxhYkvJIU7lWB6:z7UhTjXyJszBYnrZrXWQ1skJm6

Score
10/10
ee2a3d190100b91c20d8bc284238dda6raccoon

Malware Config

Extracted

Family

raccoon

Botnet

ee2a3d190100b91c20d8bc284238dda6

C2

http://45.15.156.144/

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1712-57-0x0000000000400000-0x0000000001A8F000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections