raccoon | 1104-54-0x0000000000020000-0x0000000000034000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1104-54-0x...ry.exe

windows7-x64

1

1104-54-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

1c36e3d4b5b2fa27a6da004323147124 raccoon

1 signatures

Behavioral task

behavioral1

Sample

1104-54-0x0000000000020000-0x0000000000034000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1104-54-0x0000000000020000-0x0000000000034000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1104-54-0x0000000000020000-0x0000000000034000-memory.dmp
Size

80KB
MD5

05945f54f10c8621bcf6befadde7c52c
SHA1

3751bdaaec1d8a0418e2bfef0583d304cfeff5cb
SHA256

8b71a04cdbb30fae044c1c1a0c2d05f8298c3d1cf1dbc8ec7cc184d2e4f3b035
SHA512

776715b77cbbab83f68a24aa9a11dd1c1a6e4d036beb4f9cc152b5c33a554db3303c15db6e863e6f53339c91de3d173060dd172842f1ffeb282fe6c87fa0cdd2
SSDEEP

768:GDK2yIg3QEW9wjJ65/hVUwAQMRfDayE2DW1/7zdZeS6RnlUhS:NIg3M9wY5/kwA7RfDa+Do7nQRS

Score

10^/10

1c36e3d4b5b2fa27a6da004323147124 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

1c36e3d4b5b2fa27a6da004323147124

C2

http://94.158.244.114/

rc4.plain

Signatures

Raccoon family
raccoon

Files

1104-54-0x0000000000020000-0x0000000000034000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy