General
-
Target
1084-12-0x0000000000400000-0x0000000000416000-memory.dmp
-
Size
88KB
-
MD5
148f96215d7240745ae95f99c39b6a4c
-
SHA1
c2991045981d29486f3d0805db979ae6a4fe4945
-
SHA256
c9df15e161613551c9387f4210cb0c2557a6f9f6a5a03b53b990149681dc9471
-
SHA512
7acd8226bd29613d3c7928659b65fe3b28d8c6242c8126268b9340e58f0ae4551110e5c8f86d75e56a85bdb3ab2eff0df5bb675d5935a070196440487dd8e9de
-
SSDEEP
1536:KX0PI6ORWFPekAZZ0XCkSBIPV1Fn1p06QcjUp3fFqH:9PI6GWpeVsXCLMrxbQxpPFqH
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
2ca5558c9ec8037d24a611513d7bd076
C2
https://192.153.57.177:80
Attributes
-
user_agent
MrBidenNeverKnow
xor.plain
Signatures
-
Raccoon Stealer V2 payload 1 IoCs
-
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1084-12-0x0000000000400000-0x0000000000416000-memory.dmp
Headers
Sections