raccoon | 1528-54-0x0000000000B40000-0x0000000001655000-memory[.]dmp

General

Target

1528-54-0x0000000000B40000-0x0000000001655000-memory.dmp
Size

11.1MB
MD5

266ca5f20c5419e20feec526c52b25fa
SHA1

04a4c0822bbad84ffb215bd83013fd51bb8e79b6
SHA256

5a00e77f4108a75554a0575adc2c01ad57a9fae27f9b3c196bd9eb6efef17c2b
SHA512

d02ea9d19a4c13554c915d4472b18316a64d39aec83aabac5ae263753fe355cbca17264bee2e9ea4531c07392369099cf7fb9206ae1428d05412c6a06171f915
SSDEEP

196608:LsCSqh0RGVeOuL8FC5DfZTUn4NbGBXUioqNjXuEB1JaK9O4A660nlA:gyRED5yUaBXUjY+W1P9O4AylA

Score

10^/10

cee437c1856beeadc9ba2e07954dbe9e raccoon

Malware Config

Extracted

Family

raccoon

Botnet

cee437c1856beeadc9ba2e07954dbe9e

C2

http://94.131.96.109

http://45.89.55.113

rc4.plain

Signatures

Raccoon family
raccoon

Files

1528-54-0x0000000000B40000-0x0000000001655000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ŪЏūŬ
Size: - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

₦₲��
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

₦₲��
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

₦₲��
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: - Virtual size: 44KB

.rdata Size: - Virtual size: 8KB

.data Size: - Virtual size: 1KB

.CRT Size: - Virtual size: 4B

ŪЏūŬ Size: - Virtual size: 577KB

₦₲�� Size: - Virtual size: 3.3MB

₦₲�� Size: 1024B - Virtual size: 864B

₦₲�� Size: 6.6MB - Virtual size: 6.6MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 465KB

.text
Size: - Virtual size: 44KB

.rdata
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 1KB

.CRT
Size: - Virtual size: 4B

ŪЏūŬ
Size: - Virtual size: 577KB

₦₲��
Size: - Virtual size: 3.3MB

₦₲��
Size: 1024B - Virtual size: 864B

₦₲��
Size: 6.6MB - Virtual size: 6.6MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 465KB