raccoon | payload[.]bin[.]exe

Resubmissions

02-12-2024 16:47

241202-vamktsspat 10

06-02-2023 04:24

230206-e1d4dafd8x 8

Sharing

Copy URL

Twitter E-mail

General

Target

payload.bin.exe
Size

107KB
MD5

3e2fd3c6aef426ee110e27a2a0ce1f8b
SHA1

35966d13bbfbe4a85478343b35d1b4d5297fcbd1
SHA256

f2cde4100fdbb5841b0f68e1c5dbba912b38478e64698c0238edb62415d1ad70
SHA512

48d6792fe887e5e027c8bb66f9780bc64367440a2346a6327ca3ca9cb8f67b69129fdfd29f23edbfeb2f1d60c4bf4119a0413e19c3a48dfe2386dc9fc5733052
SSDEEP

1536:Bpaiq0I2XvL/5kVvpyITHAOEH8pIZ+msXvsfJre8oJ1C7uj9m:BpaikE/5SppIZ+m2sfJrebJF

Score

10^/10

309929676cf1319632c483aa7c11dd7a raccoon

Malware Config

Extracted

Family

raccoon

Botnet

309929676cf1319632c483aa7c11dd7a

http://45.15.156.50/

Attributes

user_agent
901785252112

xor.plain

Signatures

Raccoon Stealer V2 payload 1 IoCs

Processes:

resource	yara_rule
sample	family_raccoon_v2

Raccoon family
raccoon

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
payload.bin.exe

Files

payload.bin.exe
.exe windows:6 windows x86 arch:x86

89766042e29aed5fce63c7340618b000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
CheckRemoteDebuggerPresent
CreateFileW
GetProcAddress
LoadLibraryA

user32

DestroyWindow

gdi32

GetObjectW

ole32

CoDecodeProxy
CoInitialize

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

89766042e29aed5fce63c7340618b000

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB