raccoon | 1644-54-0x0000000000400000-0x0000000000DC4000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1644-54-0x...ry.exe

windows7-x64

1644-54-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

f28f2d25a477bb5982a99746a8f3492c raccoon

1 signatures

Behavioral task

behavioral1

Sample

1644-54-0x0000000000400000-0x0000000000DC4000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1644-54-0x0000000000400000-0x0000000000DC4000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1644-54-0x0000000000400000-0x0000000000DC4000-memory.dmp
Size

9.8MB
MD5

a009c2652880f95e197e9bad26af6e10
SHA1

69eb167ee3c90492546b47e4f0b2a9fec6d9360c
SHA256

c0218b80fe45502d0c7a262406243112e946c3e2884c88f8a4d698d2c59ee0b0
SHA512

3386ef86f7b42e5368443f4689d24cfd5dc3430cf8eecc8f430876217e1acac1eefef45f44f1fcbe812370ee9a227d524e19a6bb28f557dddec3700829825b61
SSDEEP

196608:1Sdqg8AiLgy9KTivyAkTORYqUatqaZIXtUjBixZnCn5:1Scf9LgywTivzkTORYHa8aZIUw3+5

Score

10^/10

f28f2d25a477bb5982a99746a8f3492c raccoon

Malware Config

Extracted

Family

raccoon

Botnet

f28f2d25a477bb5982a99746a8f3492c

C2

http://94.131.101.170/

rc4.plain

Signatures

Raccoon family
raccoon

Files

1644-54-0x0000000000400000-0x0000000000DC4000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.*XK
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D]^
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.:Mv
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy