General

  • Target

    1064-60-0x0000000000400000-0x000000000217C000-memory.dmp

  • Size

    29.5MB

  • MD5

    bda1045b11d8dee316585542ab3b5e91

  • SHA1

    f87ca47c9094f84fe0bd1844accd683cb70c733b

  • SHA256

    aa6ec8a86d4f995e642490e38b83db564cacd3ed4dbf4358b351ca7f35123393

  • SHA512

    4cac430c6e34c3bd5744f98b3adb293b5a999fca1e1471d1989b40c2a836340b972881a654f629cf28c93760d00626665577aca8e473058d261f58ce99cac808

  • SSDEEP

    786432:hNODCb/mK42LSaHnzcECB5NL37ZBE/oW1ByTTVVKUKUffaEIi:hxbeK4AfHnzcf7VBW1B6BHa

Malware Config

Extracted

Family

raccoon

Botnet

13718a923845c0cdab8ce45c585b8d63

C2

http://45.15.156.198/

xor.plain

Signatures

  • Raccoon Stealer V2 payload (1 IoC)
  • Raccoon family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1064-60-0x0000000000400000-0x000000000217C000-memory.dmp
    .exe windows:6 windows x86 arch:x86

