raccoon | 49193e765c9727f928acf97b6ed0c16ebbc107d80c393e91a7a57fde675b10bf[.]zip

General

Target

49193e765c9727f928acf97b6ed0c16ebbc107d80c393e91a7a57fde675b10bf.zip
Size

361KB
MD5

bf2b93aa25b383160436521abc112b55
SHA1

8a985429ed73c162288c54b5a6e6e66f4f29fa56
SHA256

4720bb74fb59d088232fe8562ea606587b4ae627b4f79e000beacbea3b2a5fbe
SHA512

a87260e34f082e8fb8c0547f294eefbfa8ba30f5269c70cd9c1b31614ea2ab553a66d848a7b0d70cebba4f9cf6ffa09a5a9e98eb83673a780a500baf98110e96
SSDEEP

6144:pZclLUUlRL1fSktejEF3/iOMqWd+MDnDxKjU7ylR/xh9lIKQLpcUE0SBTb4smTRK:pZALU+xaXjKaOb0hDnDKUWr4K1UE0SNd

Score

10^/10

raccoon

Family

raccoon

rc4.plain

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/49193e765c9727f928acf97b6ed0c16ebbc107d80c393e91a7a57fde675b10bf

49193e765c9727f928acf97b6ed0c16ebbc107d80c393e91a7a57fde675b10bf.zip
.zip

Password: infected
49193e765c9727f928acf97b6ed0c16ebbc107d80c393e91a7a57fde675b10bf
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ