raccoon | raccoon (2)[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

raccoon (2).exe

windows7-x64

8

raccoon (2).exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

31f1dd78cfcb010a34ba4139e2e6892e raccoon

1 signatures

Behavioral task

behavioral1

Sample

raccoon (2).exe

Resource

win7-20230220-en

discovery spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

raccoon (2).exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

raccoon (2).exe
Size

110KB
MD5

44f3d82c9ddc5732d7c826d470cfef67
SHA1

03f2d9916e32637ac4f33c25fe64a5dd2024d3a9
SHA256

bad51064d37028878d53da7b634bf05633b6eb7ae75900077fadf34bfba42553
SHA512

40b86fd274deaaa1b74018e34df814420b8514ae689cefe77b11c2890bc0b093ef338c3b148018e0aeb6a3b32481609328d878fa61bbef5df5fd24060b4719d0
SSDEEP

1536:/ja4qX8uFJQvccqJ4QFn8XwcWwH7Yq8BG8TcdayFtvhV732+oOl8s4PBqZ1zObEg:/jYPQRQmr8YLNL6dzjPAvZjy5g

Score

10^/10

31f1dd78cfcb010a34ba4139e2e6892e raccoon

Malware Config

Extracted

Family

raccoon

Botnet

31f1dd78cfcb010a34ba4139e2e6892e

C2

http://45.144.31.31/

http://195.133.40.111/

rc4.plain

Signatures

Raccoon family
raccoon

Files

raccoon (2).exe
.exe windows x86

Password: infected

97d41417e1c898a9dc85fb4d98655fda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
lstrlenA
LocalAlloc
IsBadCodePtr
GetProcAddress
LoadLibraryA

gdi32

GetDeviceCaps

ole32

CoInitialize

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy