Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1eb3d06e797b87fbe1dcee293c2cd0572e1b52c46d9320914c4b0cfa8824dea1

  • Size

    512KB

  • Sample

    211021-shh69sbchl

  • MD5

    314c225da6673b3c6da45951c844b3b9

  • SHA1

    0d21b3946696aec6f8be501fe4fb8bb609b8e8e3

  • SHA256

    1eb3d06e797b87fbe1dcee293c2cd0572e1b52c46d9320914c4b0cfa8824dea1

  • SHA512

    ca9e3b4de9dd563051a6a0f59d30e4874cc0b661f13116e630537a623aadd3320316a6e7dc37714444e3d8f15e06217a8356cd8f20009b782430753e3aeea7cb

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      1eb3d06e797b87fbe1dcee293c2cd0572e1b52c46d9320914c4b0cfa8824dea1

    • Size

      512KB

    • MD5

      314c225da6673b3c6da45951c844b3b9

    • SHA1

      0d21b3946696aec6f8be501fe4fb8bb609b8e8e3

    • SHA256

      1eb3d06e797b87fbe1dcee293c2cd0572e1b52c46d9320914c4b0cfa8824dea1

    • SHA512

      ca9e3b4de9dd563051a6a0f59d30e4874cc0b661f13116e630537a623aadd3320316a6e7dc37714444e3d8f15e06217a8356cd8f20009b782430753e3aeea7cb

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks