Overview

overview

10

Static

static

10

4484-135-0...ry.exe

windows7-x64

4484-135-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4484-135-0x0000000000400000-0x00000000006C7000-memory.dmp

  • Size

    2.8MB

  • MD5

    c94d13029e417681ab87722b366bc52f

  • SHA1

    8076a9477d2b3f89d458318ca8dbff817b3fe05b

  • SHA256

    91a625c37368c1124820d029f58dc7292bfb0cbb9dbdb09dbc4935784ebc466a

  • SHA512

    da20f34f9d5366a6c5b693fe9a378312743fdccc7b6c049aa9d68fc02c76218a645f615853e1243e3a2b56cd54135f053cc8a5d62f99660b25dfa0f65f9b2d27

  • SSDEEP

    6144:1cNf7P/wxlb7BmHluEAaz9mvb9/pTqHu8uiHL:aN7plnLz9mT9/EO8LL

Score
10/10
5b7eff386f31487f5db4c7f0e4006546raccoon

Malware Config

Extracted

Family

raccoon

Botnet

5b7eff386f31487f5db4c7f0e4006546

C2

http://165.232.118.86/

Attributes
  • user_agent

    AYAYAYAY1337

xor.plain

Signatures

  • Raccoon Stealer V2 payload 1 IoCs
  • Raccoon family
    raccoon
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4484-135-0x0000000000400000-0x00000000006C7000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections