Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b96fc5518d7726eb29b5e0931723d5ccd01318405cdcdb3fd116bdab40d5106d

  • Size

    512KB

  • Sample

    211021-13c5raahb5

  • MD5

    cc752dadd236648c4ac68c50e74118c2

  • SHA1

    137d21843508adc0600677b813254da49c8c548e

  • SHA256

    b96fc5518d7726eb29b5e0931723d5ccd01318405cdcdb3fd116bdab40d5106d

  • SHA512

    8d57a67ba2fbcec129c826afe65e0b6a490867ac73a1bc47a0b71a090d986709664e5328e8c43da4f1e0bdcea998330cac3f39e236503739de1cadc09ec2cd1c

Score
10/10
raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

Malware Config

Extracted

Family

raccoon

Botnet

ac738e6383a48d6a74aeab7c52ebcd50f76032ee

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      b96fc5518d7726eb29b5e0931723d5ccd01318405cdcdb3fd116bdab40d5106d

    • Size

      512KB

    • MD5

      cc752dadd236648c4ac68c50e74118c2

    • SHA1

      137d21843508adc0600677b813254da49c8c548e

    • SHA256

      b96fc5518d7726eb29b5e0931723d5ccd01318405cdcdb3fd116bdab40d5106d

    • SHA512

      8d57a67ba2fbcec129c826afe65e0b6a490867ac73a1bc47a0b71a090d986709664e5328e8c43da4f1e0bdcea998330cac3f39e236503739de1cadc09ec2cd1c

    Score
    10/10
    raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks