raccoon | 1bac6d68ebdfa6e0d333a370d2b55849ce4d48d0dcb60ced8900febf2bf27de7[.]zip

General

Target

1bac6d68ebdfa6e0d333a370d2b55849ce4d48d0dcb60ced8900febf2bf27de7.zip
Size

361KB
MD5

4ad44712bc2daaff9d9f8a9585aef62a
SHA1

165a826b1cd5159eee57039cac6033ee857005df
SHA256

107953c29a193e80e0744f807acbfad8f4cf533ad811f4bf810b8cd1d58eed32
SHA512

c0a0a47a19c2f027f4e56e3f456d08c6eb0c38899ba31ae2bc77414e2eb6bd1a59c9264e9bc01eccd09b6ed4f0bd51822bd18daa11d0db5608f013ee1fc4a7eb
SSDEEP

6144:Pp2YI+V7/mSJAm2FZXXp38iEej2uZxMyt7JH/aPQw3Oi7LZ:xPV7/muT2fnp38i1iuZGZPQgLZ

Score

10^/10

raccoon

Family

raccoon

rc4.plain

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1bac6d68ebdfa6e0d333a370d2b55849ce4d48d0dcb60ced8900febf2bf27de7

1bac6d68ebdfa6e0d333a370d2b55849ce4d48d0dcb60ced8900febf2bf27de7.zip
.zip

Password: infected
1bac6d68ebdfa6e0d333a370d2b55849ce4d48d0dcb60ced8900febf2bf27de7
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ