raccoon | 1444-54-0x0000000000400000-0x0000000000D84000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1444-54-0x...ry.exe

windows7-x64

1444-54-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

573c48a8e051f58a57dca1544700413a raccoon

1 signatures

Behavioral task

behavioral1

Sample

1444-54-0x0000000000400000-0x0000000000D84000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1444-54-0x0000000000400000-0x0000000000D84000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1444-54-0x0000000000400000-0x0000000000D84000-memory.dmp
Size

9.5MB
MD5

5f8e32531c6f5c5172f9b92469d3a766
SHA1

a5f6db028303bebb3d6eea7061bf9b29bab3a338
SHA256

ddf39d79e92eeea4e7109fba4c6298a270b78857d124ebea35d637bcf2edc61a
SHA512

ce1735f3be9c3a969a87c836f5207a94c1db023a83b8aabbd2d0f5b91570e1b8868e81e903f49bb12da2bf3a8a25445a6fcc013e348119173c05975f4eccb1e3
SSDEEP

196608:2yry+I6LR7fapR0tiPlIw2gCKYMZbocA4xKW2Q61OlRkn3BPT9qKW4ONlk1zA2ik:2yG0700tiPCwGKjbocA4oPQ61MRkRPDj

Score

10^/10

573c48a8e051f58a57dca1544700413a raccoon

Malware Config

Extracted

Family

raccoon

Botnet

573c48a8e051f58a57dca1544700413a

C2

http://88.119.169.55/

rc4.plain

Signatures

Raccoon family
raccoon

Files

1444-54-0x0000000000400000-0x0000000000D84000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JP/
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.)8^
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.L%o
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy