raccoon | 1660-60-0x0000000000400000-0x00000000010D1000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1660-60-0x...ry.exe

windows7-x64

1660-60-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

68db7c3c7f7291d80cb1883abb54ceef raccoon

1 signatures

Behavioral task

behavioral1

Sample

1660-60-0x0000000000400000-0x00000000010D1000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1660-60-0x0000000000400000-0x00000000010D1000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1660-60-0x0000000000400000-0x00000000010D1000-memory.dmp
Size

12.8MB
MD5

76e711ab09fce464afe8a07afd180597
SHA1

c254082512aabf872a869f65d741189cb6692566
SHA256

6164f6b5ae9bd9a00ffc11d083e5f08cb71bb869d6137f594850c64ce044d9ff
SHA512

c9b843472d351363e2d3b140d7cd6a86119e330c52a1e997aa39bdb98e6028f141174bf8ff121ffca70fd759acf0a23e10d4169ca2606e37d42854bcd5748df7
SSDEEP

196608:SNgzbFKOfZzzHNxYmzW00p/oC1/fBX/NmU6rCHFovirA6g8nS:i0ZDY2W00Zo6fF/R6c3rA6g

Score

10^/10

68db7c3c7f7291d80cb1883abb54ceef raccoon

Malware Config

Extracted

Family

raccoon

Botnet

68db7c3c7f7291d80cb1883abb54ceef

C2

http://45.150.67.85/

rc4.plain

Signatures

Raccoon family
raccoon

Files

1660-60-0x0000000000400000-0x00000000010D1000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 6.0MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy