Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbe9ca765df3e10aff06e6d4f3bc53b57daa2d9d4571b4c3b194653d42829148

  • Size

    512KB

  • Sample

    211021-n6v4hsbban

  • MD5

    e38fc5d865508d2de73d9422cc82b991

  • SHA1

    468c087050cbc461c8d61874c9882775689c2b34

  • SHA256

    dbe9ca765df3e10aff06e6d4f3bc53b57daa2d9d4571b4c3b194653d42829148

  • SHA512

    8bc841efa2f1f9d894bf9d04232f51b319f9ace7b91e6f5cd16efad48b2e672ff069ea2dd8ad74812a9705e57460586a0cf28e0dbfd8917c91f0488b8d1ab84d

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      dbe9ca765df3e10aff06e6d4f3bc53b57daa2d9d4571b4c3b194653d42829148

    • Size

      512KB

    • MD5

      e38fc5d865508d2de73d9422cc82b991

    • SHA1

      468c087050cbc461c8d61874c9882775689c2b34

    • SHA256

      dbe9ca765df3e10aff06e6d4f3bc53b57daa2d9d4571b4c3b194653d42829148

    • SHA512

      8bc841efa2f1f9d894bf9d04232f51b319f9ace7b91e6f5cd16efad48b2e672ff069ea2dd8ad74812a9705e57460586a0cf28e0dbfd8917c91f0488b8d1ab84d

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks