Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b

  • Size

    3.8MB

  • Sample

    211018-ps182seedk

  • MD5

    668656cd25b7af46075db91e4eeaf9bf

  • SHA1

    a8eb80d6470bf59051359d10822498df6ee8bd36

  • SHA256

    ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b

  • SHA512

    26e9b44b81b4d106e9972225717e6f4bfd42f6c77e51d9a8c8e4639a605a3d3e708081b4780d670c906e2ac19854c42504c7cf69728b0ba7655d9379e9da88c9

Score
10/10
raccooncf3e15a8aec8fe7eead8f124a5222c57fad37d42stealer

Malware Config

Extracted

Family

raccoon

Botnet

cf3e15a8aec8fe7eead8f124a5222c57fad37d42

Attributes
  • url4cnc

    http://telegatt.top/dodgeneontwinturbo

    http://telegka.top/dodgeneontwinturbo

    http://telegin.top/dodgeneontwinturbo

    https://t.me/dodgeneontwinturbo

rc4.plain
rc4.plain

Targets

    • Target

      ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b

    • Size

      3.8MB

    • MD5

      668656cd25b7af46075db91e4eeaf9bf

    • SHA1

      a8eb80d6470bf59051359d10822498df6ee8bd36

    • SHA256

      ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b

    • SHA512

      26e9b44b81b4d106e9972225717e6f4bfd42f6c77e51d9a8c8e4639a605a3d3e708081b4780d670c906e2ac19854c42504c7cf69728b0ba7655d9379e9da88c9

    Score
    10/10
    raccooncf3e15a8aec8fe7eead8f124a5222c57fad37d42stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks