raccoon | 0c6c8ee1ec884f1ccbd4c60c6125cc93[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

0c6c8ee1ec...93.exe

windows7-x64

8

0c6c8ee1ec...93.exe

windows10-2004-x64

8

Sharing

Static task

static1

b3a9997fe55d847cdbadca75fb6e544a raccoon

1 signatures

Behavioral task

behavioral1

Sample

0c6c8ee1ec884f1ccbd4c60c6125cc93.exe

Resource

win7-20220812-en

discovery spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0c6c8ee1ec884f1ccbd4c60c6125cc93.exe

Resource

win10v2004-20220812-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

0c6c8ee1ec884f1ccbd4c60c6125cc93.exe
Size

61KB
MD5

0c6c8ee1ec884f1ccbd4c60c6125cc93
SHA1

b242d55e9d6abde82a8985235643ac68bb229b12
SHA256

0b43db960033fdbe66689cf37ae2bc4aa05f571890a84c09a7f2b174f3054554
SHA512

3732dd5b50e5cd439fbb488550e30edf22d907351a2b24229e7a01b8acb6acabf20130c8ccdaf0c102b53623ff6508e5bcb32324ad0bfdd8528584dd2b7a8c92
SSDEEP

768:G3hBdh98zo8hUzAMgRt5O9hDtqCD+4yNdQiEw6ZjqZeS6RcUhSC:AdMzAzjavO9uG+NNdQ4MGQRXv

Score

10^/10

b3a9997fe55d847cdbadca75fb6e544a raccoon

Malware Config

Extracted

Family

raccoon

Botnet

b3a9997fe55d847cdbadca75fb6e544a

C2

http://185.253.96.120/

rc4.plain

Signatures

Raccoon family
raccoon

Files

0c6c8ee1ec884f1ccbd4c60c6125cc93.exe
.exe windows x86

c5c36a515b13d54501168b24d2b48063

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateFileW
LoadLibraryW

ole32

CoInitialize

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy