General
-
Target
1680-1395-0x0000000000400000-0x000000000040F000-memory.dmp
-
Size
60KB
-
MD5
e3c62b3326f513d8d078af5ededabb9b
-
SHA1
56a52024c192092a42d0b876125b4d649776ab6a
-
SHA256
7d4add68d683f15eda1805db0f84fcc0da38b37ad40b39768896b24f2c2bd5ef
-
SHA512
9f38ac679a0b846ee258c69643a18dff21729e6112ec8593ee5db423ad1e281e8424e2c65ca8e997630aaf2d5f21ed31a5634b13dd3ce9d8fcdd6770baf9137b
-
SSDEEP
768:TVcCo1dt4cybqx7P9vm9Rg6+E7apmWqmsk:T2t4cybq56Oq4
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
071a7b18a42c1cd94de2fc5bb0bbcaf2
C2
http://193.142.147.59:80
Attributes
-
user_agent
DuckTales
xor.plain
Signatures
-
Raccoon Stealer V2 payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1680-1395-0x0000000000400000-0x000000000040F000-memory.dmp
Headers
Sections