Overview

overview

10

Static

static

10

588-1208-0...ry.exe

windows7-x64

1

588-1208-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    588-1208-0x0000000000400000-0x000000000040F000-memory.dmp

  • Size

    60KB

  • Sample

    240324-e96vrahg84

  • MD5

    17069cba6b42245449511370854444e1

  • SHA1

    a755b08fdd05cedf6fd9ad324f07ab78358bede9

  • SHA256

    2e59c2b298d0af6f9e232a1559ff2161f92a1c48f6b38612b8f2a62f3fb292c1

  • SHA512

    cac6713c0de6368d816733ba74374e7b2f789835e14c5be21c95b658ff4a0c0f2c17efb204b6fcbf5e3ad7ca93df66daa8c71f2e32e37a79e8a697e7710fc5a2

  • SSDEEP

    768:TVcCo1dt4cybqx7P9vm9Rg6+E7apmWnmsk:T2t4cybq56On4

Score
10/10
raccoon3c1e19ca7e90eb061bab2909496bea51

Malware Config

Extracted

Family

raccoon

Botnet

3c1e19ca7e90eb061bab2909496bea51

C2

http://91.107.239.231:80/

http://128.140.90.181:80/
Attributes
  • user_agent

    DuckTales

xor.plain

Targets

    • Target

      588-1208-0x0000000000400000-0x000000000040F000-memory.dmp

    • Size

      60KB

    • MD5

      17069cba6b42245449511370854444e1

    • SHA1

      a755b08fdd05cedf6fd9ad324f07ab78358bede9

    • SHA256

      2e59c2b298d0af6f9e232a1559ff2161f92a1c48f6b38612b8f2a62f3fb292c1

    • SHA512

      cac6713c0de6368d816733ba74374e7b2f789835e14c5be21c95b658ff4a0c0f2c17efb204b6fcbf5e3ad7ca93df66daa8c71f2e32e37a79e8a697e7710fc5a2

    • SSDEEP

      768:TVcCo1dt4cybqx7P9vm9Rg6+E7apmWnmsk:T2t4cybq56On4

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks