General

  • Target

    324-54-0x0000000000400000-0x0000000000488000-memory.dmp

  • Size

    544KB

  • MD5

    f6ce05a5596de4763c1b679e7e73cc69

  • SHA1

    207b32e52bbcf46832cb527b5a7009ebbb159d12

  • SHA256

    e707b7b2e0672489c4dcbaf37b73d68ccc10e6fc306b093d2b22f0af5dc6881e

  • SHA512

    9acbc123868c8b4ccb0159f9dd070fabdb608220b5ec1c41fc8049ca57d8b1a52d8da56a025a2526843956e318cb2a9208d8397a1cf7f3e7dd9d471fe6347c65

  • SSDEEP

    1536:D0jcjzCB6WeKjhKY/hINnAsmLps3K6iAGuSayJCPieyMRGpq5:KcjzCB6WfhK4IULps3K6RbSlCPixE75

Malware Config

Extracted

Family

raccoon

Botnet

2a79930a467d50fd4bacba47f928c587

C2

http://88.119.175.220/

Attributes
  • user_agent

    23591

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 324-54-0x0000000000400000-0x0000000000488000-memory.dmp
    .exe windows:6 windows x86 arch:x86

