raccoon | 1284-63-0x0000000000400000-0x0000000000412000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1284-63-0x...ry.exe

windows7-x64

3

1284-63-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

94476028cb01373a9a79593d7fce091e raccoon

1 signatures

Behavioral task

behavioral1

Sample

1284-63-0x0000000000400000-0x0000000000412000-memory.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1284-63-0x0000000000400000-0x0000000000412000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1284-63-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
MD5

5731abd879eb54777c5992a14be5e6a1
SHA1

fa9e850a6d2adb2fce1ce94e2795904a74e0ace1
SHA256

d118cdced10b67ad911d5c62886c008ff94e67d800b0c50d2c2a3ec4cdbe3c6e
SHA512

89b272397125597af40140132b359131fbedc07da6448a6d0d74724d44d47aee2880fbee61d7783f2cb1d40d4193396db5933b76411a9cfe9c4e3ab3b4c688ff
SSDEEP

768:BfOKi+7erib7i6DcJKUU1HTbqHymKYGkXFnGeAwb2cDMaTji5w4AfY1WABS9MZmT:1ev2XW8x91WSSI15rJCvUnGlJworD

Score

10^/10

94476028cb01373a9a79593d7fce091e raccoon

Malware Config

Extracted

Family

raccoon

Botnet

94476028cb01373a9a79593d7fce091e

C2

http://194.180.174.117

http://194.180.191.81

rc4.plain

Signatures

Raccoon family
raccoon

Files

1284-63-0x0000000000400000-0x0000000000412000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy