raccoon | 88dcd1381efb313ee68a74d539626f95bd7ec5fb18c47095307f35855297b228[.]zip

General

Target

88dcd1381efb313ee68a74d539626f95bd7ec5fb18c47095307f35855297b228.zip
Size

311KB
MD5

561b3d4d194a8acb70b77ef3b6431963
SHA1

12bc59c066569019457a0b3e64714c8c7c53f702
SHA256

ebac7047fa347bb54580ba7a5e6c6b1eb9d176e674dacc37558028dac30859fe
SHA512

a1a1a7d75fc080c6ba5367f97d54c024ba18c771eecefcdb4173d22f3452ff9f014d2dbf1cff345c371ca8f74b0e4a9cf841800b04f132fb2c6c23c484ee2cb1
SSDEEP

6144:0ZclLUUlRL1fSktejEF3/iOMqWd+MDnDxKjU7ylR/xh9ldwtK+H0ufl:0ZALU+xaXjKaOb0hDnDKUWraEIFt

Score

10^/10

raccoon

Family

raccoon

rc4.plain

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/88dcd1381efb313ee68a74d539626f95bd7ec5fb18c47095307f35855297b228

88dcd1381efb313ee68a74d539626f95bd7ec5fb18c47095307f35855297b228.zip
.zip

Password: infected
88dcd1381efb313ee68a74d539626f95bd7ec5fb18c47095307f35855297b228
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ