raccoon | 1680-57-0x0000000000400000-0x00000000007EA000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1680-57-0x...ry.exe

windows7-x64

1

1680-57-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

29436d51b3a8fde5d7895ccc63af3a09 raccoon

1 signatures

Behavioral task

behavioral1

Sample

1680-57-0x0000000000400000-0x00000000007EA000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1680-57-0x0000000000400000-0x00000000007EA000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1680-57-0x0000000000400000-0x00000000007EA000-memory.dmp
Size

3.9MB
MD5

006ad05bdd5000d58621b50e0c74bc17
SHA1

266730c902c0d18151d40a5435031e416614d1b4
SHA256

8b3599f9f04a2a2183315b16c037bbb8b8033ca574663ddc5674c1f7557b78a4
SHA512

9ea40c4837f8b8a0d7b79926abca4cd29ee96bf2d1c465f10e47a1bc181a41b7f4a96912ceed586896b421f43cafaa067d9c9bcc91c3331f2afa8b548b852363
SSDEEP

6144:v1nd1qxbPgY9IBc56SpNTIuqbqHwFIEyJ1:tndQTh6Bc56SpNTIuxQ7y

Score

10^/10

29436d51b3a8fde5d7895ccc63af3a09 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

29436d51b3a8fde5d7895ccc63af3a09

C2

http://88.119.161.156

rc4.plain

Signatures

Raccoon family
raccoon

Files

1680-57-0x0000000000400000-0x00000000007EA000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy