raccoon | 3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

3f7b577f66...fa.exe

windows10-1703-x64

8

3f7b577f66...fa.exe

windows7-x64

1

Sharing

Static task

static1

bbbd8c4f062887157c5c54f47994f907 raccoon

1 signatures

Behavioral task

behavioral1

Sample

3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa.exe

Resource

win10-20230220-en

discovery spyware stealer

windows10-1703-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

300 seconds

General

Target

3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa.exe
Size

107KB
MD5

6d6a1c83920db242c501badf530e0673
SHA1

e081d43e2602e9cf61a128e51c6a69593a4fc466
SHA256

3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa
SHA512

b3161c308b69c46fd28e43f0d94cb436acf56299f33705c3357b9b84cfc06464bb9b53a9094e2149f792b114b6332fcb60e0119f5bebb9c5ffc0008c3f9c1f9b
SSDEEP

1536:Bpaiq0I2XvL/5kVvpyITHAOEH8pIZ+msXvsfJre8oJ1C7uj9m:BpaikE/5SppIZ+m2sfJrebJF

Score

10^/10

bbbd8c4f062887157c5c54f47994f907 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

bbbd8c4f062887157c5c54f47994f907

C2

http://103.155.93.161/

rc4.plain

Signatures

Raccoon family
raccoon

Files

3f7b577f662c169fe766cdf2cf8c433fd19659355b5a6320a89e8068bee10efa.exe
.exe windows x86

89766042e29aed5fce63c7340618b000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
CheckRemoteDebuggerPresent
CreateFileW
GetProcAddress
LoadLibraryA

user32

DestroyWindow

gdi32

GetObjectW

ole32

CoDecodeProxy
CoInitialize

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy