raccoon | F4A61D5E16472B5BE0426BE2097D7C05[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

F4A61D5E16...05.exe

windows7-x64

1

F4A61D5E16...05.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

e19db764474331ed57729c65ce34279e raccoon

1 signatures

Behavioral task

behavioral1

Sample

F4A61D5E16472B5BE0426BE2097D7C05.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

F4A61D5E16472B5BE0426BE2097D7C05.exe

Resource

win10v2004-20230220-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

F4A61D5E16472B5BE0426BE2097D7C05.exe
Size

107KB
MD5

f4a61d5e16472b5be0426be2097d7c05
SHA1

bac558d4f126f65d6b4c4b88d91cba07598db6ee
SHA256

ae818ff8a14f02cbc0095aaa2e2c2ae4e898886182e28532390ac2749387e87a
SHA512

18a658be0e55f12b0ef957ee023532fd13ec57d64557aa0febe2dae173f999ff7ab36eba00aa187b1989c063722cea0c79cc03c0a47707002484e2910d65cd7d
SSDEEP

1536:Bpaiq0I2XvL/5kVvpyITHAOEH8pIZ+msXvsfJre8oJ1C7uj9m:BpaikE/5SppIZ+m2sfJrebJF

Score

10^/10

e19db764474331ed57729c65ce34279e raccoon

Malware Config

Extracted

Family

raccoon

Botnet

e19db764474331ed57729c65ce34279e

C2

http://82.115.223.13/

rc4.plain

Signatures

Raccoon family
raccoon

Files

F4A61D5E16472B5BE0426BE2097D7C05.exe
.exe windows x86

89766042e29aed5fce63c7340618b000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
CheckRemoteDebuggerPresent
CreateFileW
GetProcAddress
LoadLibraryA

user32

DestroyWindow

gdi32

GetObjectW

ole32

CoDecodeProxy
CoInitialize

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy