raccoon | 21358135eacac995003ec03b33f347c5[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

21358135ea...c5.exe

windows7-x64

1

21358135ea...c5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

b472de4302b11d961b2ea8c6cb82a35b raccoon

1 signatures

Behavioral task

behavioral1

Sample

21358135eacac995003ec03b33f347c5.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

21358135eacac995003ec03b33f347c5.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

21358135eacac995003ec03b33f347c5.exe
Size

107KB
MD5

21358135eacac995003ec03b33f347c5
SHA1

2e6fb133aa184024585bad18f3ef327c5c894719
SHA256

660db1e083d6460785a1b314101980c8cd3cf6c276896bca1c9104bf12287c6a
SHA512

bb18acda37ebb1b89c9facad664a18770d7dcbf800241481c722ac76a50196ce6027065c20d7bef721753568ec7024f3a9789fd3c45f13552ff866c0b6929fd5
SSDEEP

1536:Bpaiq0I2XvL/5kVvpyITHAOEH8pIZ+msXvsfJre8oJ1C7uj9m:BpaikE/5SppIZ+m2sfJrebJF

Score

10^/10

b472de4302b11d961b2ea8c6cb82a35b raccoon

Malware Config

Extracted

Family

raccoon

Botnet

b472de4302b11d961b2ea8c6cb82a35b

C2

http://94.142.138.79/

rc4.plain

Signatures

Raccoon family
raccoon

Files

21358135eacac995003ec03b33f347c5.exe
.exe windows x86

89766042e29aed5fce63c7340618b000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
CheckRemoteDebuggerPresent
CreateFileW
GetProcAddress
LoadLibraryA

user32

DestroyWindow

gdi32

GetObjectW

ole32

CoDecodeProxy
CoInitialize

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy