Behavioral task
behavioral1
Sample
fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379.exe
Resource
win10v2004-20230220-en
General
-
Target
fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379
-
Size
110KB
-
MD5
bc338e23e5411697561306eabb29bd9c
-
SHA1
2503a1d824af32214f3102d6e0d2e52d439b91f8
-
SHA256
fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379
-
SHA512
f5fa3d4f0d611225393f9ff33de6657c1c47c89e11695b44fd35c840ea6ed0545c7b1da7ce4009d8cca76cf9587cb1c4586c992cb646d4cbeb816ef72e8c9254
-
SSDEEP
1536:/ja4qX8uFJQvccqJ4QFn8XwcWwH7Yq8BG8TcdayFtvhV732+oOl8s4PBqZ1zObEg:/jYPQRQmr8YLNL6dzjPAvZjy5g
Malware Config
Extracted
Family: raccoon
Botnet ID: 301867536c206e3dae52e6d17c16cc9b
C2: http://213.226.100.108/
Signatures
-
Raccoon family
Files
-
fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379.exe windows x86
97d41417e1c898a9dc85fb4d98655fda
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalSize
lstrlenA
LocalAlloc
IsBadCodePtr
GetProcAddress
LoadLibraryA
gdi32
GetDeviceCaps
ole32
CoInitialize
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ