Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5

  • Size

    512KB

  • Sample

    211021-avc7nshfh2

  • MD5

    61d42f5881cfe3a2d2d16d1d4a753d2a

  • SHA1

    64ee44562372947ddbb5fd66701908ab410d60ac

  • SHA256

    5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5

  • SHA512

    d5e8f79256a663a1a81c35ba1027b900bec359dbcdb9fc3f801680904e210ce62ab7453ba3eeedb0a0c824a0c4f3f7d787ce8bbe2c4430d1cd10c228084e6037

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5

    • Size

      512KB

    • MD5

      61d42f5881cfe3a2d2d16d1d4a753d2a

    • SHA1

      64ee44562372947ddbb5fd66701908ab410d60ac

    • SHA256

      5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5

    • SHA512

      d5e8f79256a663a1a81c35ba1027b900bec359dbcdb9fc3f801680904e210ce62ab7453ba3eeedb0a0c824a0c4f3f7d787ce8bbe2c4430d1cd10c228084e6037

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks