Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8755a48782f629b3aa301d8d94b6a62ee7cb58ee149a418ff8a90b3df59c581

  • Size

    512KB

  • Sample

    211021-kk4lzsaae2

  • MD5

    c46c6ef383839e686f3d3a0998c344ec

  • SHA1

    097182d34d388744d5c307f7b0981dd8813ea52c

  • SHA256

    b8755a48782f629b3aa301d8d94b6a62ee7cb58ee149a418ff8a90b3df59c581

  • SHA512

    e67c9d5dc66477b1583f71b33ef49ba3217036a9925f28bf9c968966c3d2a6bbe240e11891e5e5cf7e461ddc649e9dae2e3750d8af03082687f5f367e13b634e

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      b8755a48782f629b3aa301d8d94b6a62ee7cb58ee149a418ff8a90b3df59c581

    • Size

      512KB

    • MD5

      c46c6ef383839e686f3d3a0998c344ec

    • SHA1

      097182d34d388744d5c307f7b0981dd8813ea52c

    • SHA256

      b8755a48782f629b3aa301d8d94b6a62ee7cb58ee149a418ff8a90b3df59c581

    • SHA512

      e67c9d5dc66477b1583f71b33ef49ba3217036a9925f28bf9c968966c3d2a6bbe240e11891e5e5cf7e461ddc649e9dae2e3750d8af03082687f5f367e13b634e

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks