raccoon | 0cf7995ad70ac245a69b1eb2274a318b[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

a7b38f0481...8a.exe

windows7-x64

1

a7b38f0481...8a.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

74d58996d6e321fd23b1d6b6da7479d1 raccoon

1 signatures

Behavioral task

behavioral1

Sample

a7b38f04814cf745ecd9245cedb04e7499ce09cfa7b03a2c2b9c5ca2b79f708a.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a7b38f04814cf745ecd9245cedb04e7499ce09cfa7b03a2c2b9c5ca2b79f708a.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0cf7995ad70ac245a69b1eb2274a318b.bin
Size

48KB
MD5

e65f51f7a42e1621ebffbb4c42d40d41
SHA1

f38c855d0cee4439774893dfbcb46eff2a8488bf
SHA256

83eee511206a9d643f24fc4094c895e334689e733940c7624da2251235bf6ab6
SHA512

c3c88547591cbff9b4a5d9e29263067b28622e13ab7fdd2f3fbbea97c75fbdbd87cc982112d1f0d69f24519b0f6d6cebc40876f45377c46a557e46145320eab8
SSDEEP

768:bRYunyXcRflwLgkuzCYo2ReNRpcY6tMn5pXh1CgqTs3AntAvw/GUJGfaeE0m3t5:Suvd8gFzCdYeNRGXM5r1sumAcJGfBLIP

Score

10^/10

74d58996d6e321fd23b1d6b6da7479d1 raccoon

Malware Config

Extracted

Family

raccoon

Botnet

74d58996d6e321fd23b1d6b6da7479d1

C2

http://45.15.156.145/

xor.plain

Signatures

Raccoon family
raccoon

Files

0cf7995ad70ac245a69b1eb2274a318b.bin
.zip

Password: infected
a7b38f04814cf745ecd9245cedb04e7499ce09cfa7b03a2c2b9c5ca2b79f708a.exe
.exe windows x86

Password: infected

97d41417e1c898a9dc85fb4d98655fda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
lstrlenA
LocalAlloc
IsBadCodePtr
GetProcAddress
LoadLibraryA

gdi32

GetDeviceCaps

ole32

CoInitialize

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy