Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    981a150e4ee0e80d93d9ca3675422032ce3a0311854b5c1a9fe94c14631d5131

  • Size

    513KB

  • Sample

    211021-ql79fsbbhm

  • MD5

    1e01b688503914d793ab2c03e2de5462

  • SHA1

    1fdf27c327533621c165b85479db69b0a63e13da

  • SHA256

    981a150e4ee0e80d93d9ca3675422032ce3a0311854b5c1a9fe94c14631d5131

  • SHA512

    6ff0db9b18869448fbb23c200deabc934d120dd55f9c32da382c9a6abad2c0b299ba08d6eaea10b1f6f4aa02fe4e34242b4cedd715c76c41b56f8556d0a78fd0

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      981a150e4ee0e80d93d9ca3675422032ce3a0311854b5c1a9fe94c14631d5131

    • Size

      513KB

    • MD5

      1e01b688503914d793ab2c03e2de5462

    • SHA1

      1fdf27c327533621c165b85479db69b0a63e13da

    • SHA256

      981a150e4ee0e80d93d9ca3675422032ce3a0311854b5c1a9fe94c14631d5131

    • SHA512

      6ff0db9b18869448fbb23c200deabc934d120dd55f9c32da382c9a6abad2c0b299ba08d6eaea10b1f6f4aa02fe4e34242b4cedd715c76c41b56f8556d0a78fd0

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks