Behavioral task
behavioral1
Sample
6514f2346d2778d38f9008810be53ccd7674fba0.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6514f2346d2778d38f9008810be53ccd7674fba0.exe
Resource
win10v2004-20241007-en
General
-
Target
6514f2346d2778d38f9008810be53ccd7674fba0.rl.zip
-
Size
28.8MB
-
MD5
d4721cc6d745c7eee7e760cd49361e92
-
SHA1
2550787bd38f2302109e2d4ebe3080504d36621f
-
SHA256
8d83a151f58129412f422a869d13900fee66b6e0ea3f257c11e97a8880b5b87e
-
SHA512
698637d5d4553e332e16d5e08a745bf0caf4e61c6110c289173048a76311cb39ef6545a01e70885f7242fd893c99f00525d01ef2a37d36ef93f00d090dea716d
-
SSDEEP
786432:/CEKxMX6gb4HK51qdmLQVZ7mr0RU24ocWPmi35bbdc:/XtqqCsMd7RkWPmkNe
Malware Config
Signatures
-
Raccoon Stealer V2 payload 1 IoCs
resource yara_rule static1/unpack001/6514f2346d2778d38f9008810be53ccd7674fba0.rl family_raccoon_v2 -
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/6514f2346d2778d38f9008810be53ccd7674fba0.rl
Files
-
6514f2346d2778d38f9008810be53ccd7674fba0.rl.zip.zip
Password: infected
-
6514f2346d2778d38f9008810be53ccd7674fba0.rl.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data0 Size: - Virtual size: 11.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data1 Size: 1024B - Virtual size: 944B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data2 Size: 19.8MB - Virtual size: 19.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ