Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    151b7fe1f2ddf6012666135ad5047bf66311dd465f8080e7a730bde1b6d639aa

  • Size

    508KB

  • Sample

    211021-dwh14aaffp

  • MD5

    a2e443df4bcd9289497bbb7b3e38d7de

  • SHA1

    d44d63860f0527c2f4b69efc4167e4d4bb2c9974

  • SHA256

    151b7fe1f2ddf6012666135ad5047bf66311dd465f8080e7a730bde1b6d639aa

  • SHA512

    45ddc97a4f287ef405bfc87290f0f44a7e9f02b53f9189138fe0a4e31c8ba8f10adcd0daa63a328fee06ddfb1a70f8298b7114d6d24e46699de3db353dec08ca

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      151b7fe1f2ddf6012666135ad5047bf66311dd465f8080e7a730bde1b6d639aa

    • Size

      508KB

    • MD5

      a2e443df4bcd9289497bbb7b3e38d7de

    • SHA1

      d44d63860f0527c2f4b69efc4167e4d4bb2c9974

    • SHA256

      151b7fe1f2ddf6012666135ad5047bf66311dd465f8080e7a730bde1b6d639aa

    • SHA512

      45ddc97a4f287ef405bfc87290f0f44a7e9f02b53f9189138fe0a4e31c8ba8f10adcd0daa63a328fee06ddfb1a70f8298b7114d6d24e46699de3db353dec08ca

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks