Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84d840893dc669a95c97d0686f37b13fc365ee314267038923210b9c82c1c65c

  • Size

    1.4MB

  • Sample

    210930-xb3pjsadhj

  • MD5

    64e809a0d16a027067c7dd7684293c37

  • SHA1

    126cf22cb6084f67eb8887b93c9cf13fe5b682d2

  • SHA256

    84d840893dc669a95c97d0686f37b13fc365ee314267038923210b9c82c1c65c

  • SHA512

    d6a5c0dfc4caa3f700a2da4177e28dfcf1f6d93381e0aa924388c65042e89a86afe503d599ed45ea439fda4a75d7e717f83bf6a1bf6206a7637e6aa9d0a0d81a

Score
10/10
raccoon6b473ae90575e46165b57807704d00b90b7f6fb2stealersuricata

Malware Config

Extracted

Family

raccoon

Botnet

6b473ae90575e46165b57807704d00b90b7f6fb2

Attributes
  • url4cnc

    http://teletop.top/viv0ramadium0,http://teleta.top/viv0ramadium0,https://t.me/viv0ramadium0

rc4.plain
rc4.plain

Targets

    • Target

      84d840893dc669a95c97d0686f37b13fc365ee314267038923210b9c82c1c65c

    • Size

      1.4MB

    • MD5

      64e809a0d16a027067c7dd7684293c37

    • SHA1

      126cf22cb6084f67eb8887b93c9cf13fe5b682d2

    • SHA256

      84d840893dc669a95c97d0686f37b13fc365ee314267038923210b9c82c1c65c

    • SHA512

      d6a5c0dfc4caa3f700a2da4177e28dfcf1f6d93381e0aa924388c65042e89a86afe503d599ed45ea439fda4a75d7e717f83bf6a1bf6206a7637e6aa9d0a0d81a

    Score
    10/10
    raccoon6b473ae90575e46165b57807704d00b90b7f6fb2stealersuricata

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • suricata: ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download)

      suricata: ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download)

      suricata

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks