Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1de7604b0624601cdd60d79f15a882e912a3bfdd4c9ef220fa95e7bb350103b0

  • Size

    512KB

  • Sample

    211021-1qg8yaaha7

  • MD5

    f367505aa21c0af4ce542306bc5f41fe

  • SHA1

    15b2716c8abaf88d6b268271538a6cbb1148b933

  • SHA256

    1de7604b0624601cdd60d79f15a882e912a3bfdd4c9ef220fa95e7bb350103b0

  • SHA512

    32b40e45d02c240dc4a4c19699fe96d653e48dd2fedcc36690f869303aefacba417cc2756a293b8108ad086ff6ab6e5444a4d49794819a64c0245a75d12059d8

Score
10/10
raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

Malware Config

Extracted

Family

raccoon

Botnet

ac738e6383a48d6a74aeab7c52ebcd50f76032ee

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      1de7604b0624601cdd60d79f15a882e912a3bfdd4c9ef220fa95e7bb350103b0

    • Size

      512KB

    • MD5

      f367505aa21c0af4ce542306bc5f41fe

    • SHA1

      15b2716c8abaf88d6b268271538a6cbb1148b933

    • SHA256

      1de7604b0624601cdd60d79f15a882e912a3bfdd4c9ef220fa95e7bb350103b0

    • SHA512

      32b40e45d02c240dc4a4c19699fe96d653e48dd2fedcc36690f869303aefacba417cc2756a293b8108ad086ff6ab6e5444a4d49794819a64c0245a75d12059d8

    Score
    10/10
    raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks