raccoon | 1636-65-0x0000000000400000-0x0000000000412000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1636-65-0x...ry.exe

windows7-x64

1

1636-65-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

95a5f22777e49d40d70bf77aadccdc5c raccoon

1 signatures

Behavioral task

behavioral1

Sample

1636-65-0x0000000000400000-0x0000000000412000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1636-65-0x0000000000400000-0x0000000000412000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1636-65-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
MD5

2f4654b13bb516925088460d6db6fe60
SHA1

eff4ce855d699eceff0226222b2c309f069215bc
SHA256

34c67cdbfb1a30b1b1c6df150c7aca16565d90970913ec83f6e4575abe19d1f1
SHA512

f185af5f49830951bdca915a2bef56bf8a93bd55d2b934d11515f39f66d36472ecdd77589f7cfb497bd94da4588bff4bc47d1cbb51d90ef7c50b91f0aa4f47dc
SSDEEP

768:8qOKi+7erib7i6DcJKUU1HTbqHymKYGkHrYb1sIz1Mi0MTGVq123VEcBehZVDBlR:jky1EMd1KEWexDDRcpdUooIdYfN8S

Score

10^/10

95a5f22777e49d40d70bf77aadccdc5c raccoon

Malware Config

Extracted

Family

raccoon

Botnet

95a5f22777e49d40d70bf77aadccdc5c

C2

http://94.131.106.92/

http://88.119.169.51/

rc4.plain

Signatures

Raccoon family
raccoon

Files

1636-65-0x0000000000400000-0x0000000000412000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy