raccoon | 216-199-0x0000000000EB0000-0x0000000000EC4000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

216-199-0x...ry.exe

windows7-x64

1

216-199-0x...ry.exe

windows10-2004-x64

3

Sharing

Static task

static1

7394a7fc5da9794209d8b0503ca4abf4 raccoon

1 signatures

Behavioral task

behavioral1

Sample

216-199-0x0000000000EB0000-0x0000000000EC4000-memory.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

216-199-0x0000000000EB0000-0x0000000000EC4000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

216-199-0x0000000000EB0000-0x0000000000EC4000-memory.dmp
Size

80KB
MD5

8e0c9475b6838b12539672a3be2401c6
SHA1

1410778fae130db04ee3b155a09a36486240a184
SHA256

987c4315ecf1356447bdaa062ec30595f58de840544d8c4508caaadd885050e5
SHA512

d6352c0eec30305bc43a02c1cd3398be101732b035e8928e5a83ec3df9656f3cc459d951f01c97f934441e839899d504910ee594ff35f74625e2da88badf36f2
SSDEEP

768:GT4Tt7uYYAloYMTMHgH0CObD/MDatRBfW5Fsh6EZsj8entZeS6RHUhS:vTt7UGsH0CObeatRBkshpbenzQR0

Score

10^/10

7394a7fc5da9794209d8b0503ca4abf4 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

7394a7fc5da9794209d8b0503ca4abf4

C2

http://213.252.245.214

rc4.plain

Signatures

Raccoon family
raccoon

Files

216-199-0x0000000000EB0000-0x0000000000EC4000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy