Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744

  • Size

    513KB

  • Sample

    211021-1xfzfsbgcl

  • MD5

    94b576115c7f0fe5c3aed538b6258694

  • SHA1

    d8e7fd08729ae71d477bb70bca2641dbb519799f

  • SHA256

    abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744

  • SHA512

    a27afd390b8a9ce84d558037f05a3b73edc37657f5df63522e44c851d42f77aa373b52dfc9ceda2cc3a054ebf3cec2d8dda1da69d429d9d6f7f9d81c0e623d99

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744

    • Size

      513KB

    • MD5

      94b576115c7f0fe5c3aed538b6258694

    • SHA1

      d8e7fd08729ae71d477bb70bca2641dbb519799f

    • SHA256

      abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744

    • SHA512

      a27afd390b8a9ce84d558037f05a3b73edc37657f5df63522e44c851d42f77aa373b52dfc9ceda2cc3a054ebf3cec2d8dda1da69d429d9d6f7f9d81c0e623d99

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks