Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8

  • Size

    587KB

  • Sample

    211020-wfvztshdf4

  • MD5

    3806b4d9dcd3f2f825caf10ee614a22d

  • SHA1

    0a1dba880a465dbc97bbc71dace9eb2be513e36e

  • SHA256

    5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8

  • SHA512

    83803f2a836b29fc8d9c05be06b83e0f0f13cafd305db4f9d63e388bcd11a7b812cb8bec3a6195b987b7bc2e1e151948e9f9ec37e1f16896ca89b992aa7bdc30

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8

    • Size

      587KB

    • MD5

      3806b4d9dcd3f2f825caf10ee614a22d

    • SHA1

      0a1dba880a465dbc97bbc71dace9eb2be513e36e

    • SHA256

      5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8

    • SHA512

      83803f2a836b29fc8d9c05be06b83e0f0f13cafd305db4f9d63e388bcd11a7b812cb8bec3a6195b987b7bc2e1e151948e9f9ec37e1f16896ca89b992aa7bdc30

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks