raccoon | 952-152-0x0000000000D70000-0x00000000015A8000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

952-152-0x...ry.exe

windows7-x64

1

952-152-0x...ry.exe

windows10-2004-x64

3

Sharing

Static task

static1

8143cdbb6187c5f87f7f693ded3bbac1 raccoon

1 signatures

Behavioral task

behavioral1

Sample

952-152-0x0000000000D70000-0x00000000015A8000-memory.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

952-152-0x0000000000D70000-0x00000000015A8000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

952-152-0x0000000000D70000-0x00000000015A8000-memory.dmp
Size

8.2MB
MD5

af06957856231652ede91211c4e0cb68
SHA1

3189b3c01b793db8be819855be0d5a0a77db2079
SHA256

3c637c5462a2f45e003907e6755f155b3a45e440bfc32d70f55d49adb4caa53b
SHA512

e1202e605fbe3123d3f32528b3a672047320b03ea4051f53872b8fbf8f5ffc09916b43246254840df5e08319fc0e4a7aadf78b0b72e69f96db6d7a05f771b17b
SSDEEP

98304:lPaNeE7861S85ZJB7kTVfReih54ouvOxfgT4XtYjJaLFvzbP+0ko5:scEF1bkeeuigT4Xtt5A

Score

10^/10

8143cdbb6187c5f87f7f693ded3bbac1 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

8143cdbb6187c5f87f7f693ded3bbac1

C2

http://45.67.231.11

http://94.131.109.18

rc4.plain

Signatures

Raccoon family
raccoon

Files

952-152-0x0000000000D70000-0x00000000015A8000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 2.7MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy