raccoon | 057b580ce387fb16a7d997d5a8e05793[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

057b580ce3...93.exe

windows7-x64

8

057b580ce3...93.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

06f33d40235db381257da91320283468 raccoon

1 signatures

Behavioral task

behavioral1

Sample

057b580ce387fb16a7d997d5a8e05793.exe

Resource

win7-20220812-en

discovery spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

057b580ce387fb16a7d997d5a8e05793.exe

Resource

win10v2004-20220812-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

057b580ce387fb16a7d997d5a8e05793.exe
Size

61KB
MD5

057b580ce387fb16a7d997d5a8e05793
SHA1

031d54e8216f0750542c1b6491a5235f47155b37
SHA256

3a424c8ad44f55bcb0cdf2993bb81a0dd75871761452a0285893154a7d8dd69b
SHA512

9091b739c7fc4c292616f9fe5bd20e390c1bd1b819a54b0254c75d09efb1083cb7d9ce0329ff25fcbad29ae7c5ef1360cd7ade04498c5bc8525344ea12f64deb
SSDEEP

768:G3hBdh98zo8hUzAMgRt5O9hDtqCD+4yNdQiEw6ZjqZeS6RRUhSC:AdMzAzjavO9uG+NNdQ4MGQRev

Score

10^/10

06f33d40235db381257da91320283468 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

06f33d40235db381257da91320283468

C2

http://94.131.107.214

rc4.plain

Signatures

Raccoon family
raccoon

Files

057b580ce387fb16a7d997d5a8e05793.exe
.exe windows x86

c5c36a515b13d54501168b24d2b48063

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateFileW
LoadLibraryW

ole32

CoInitialize

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy