Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4508277cc40a4a28a9b4a39483743b2a7de21827d3850dc00c4a49825ad0e93

  • Size

    512KB

  • Sample

    211021-tj7fxsaec8

  • MD5

    694b01b2d4533b1e7e13b3c809062290

  • SHA1

    fb4a27bcc4af74a787a1ec7b3fc7264a88074a85

  • SHA256

    b4508277cc40a4a28a9b4a39483743b2a7de21827d3850dc00c4a49825ad0e93

  • SHA512

    d98b2ed2338c43d1cd89d0c7548a4ac70a3979bfd695f1b0dd7a46d828380a24904ec76b0f6dc9b00dbe9a35d5d324614747b63a60da8b0963f939e7ce8f1c23

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      b4508277cc40a4a28a9b4a39483743b2a7de21827d3850dc00c4a49825ad0e93

    • Size

      512KB

    • MD5

      694b01b2d4533b1e7e13b3c809062290

    • SHA1

      fb4a27bcc4af74a787a1ec7b3fc7264a88074a85

    • SHA256

      b4508277cc40a4a28a9b4a39483743b2a7de21827d3850dc00c4a49825ad0e93

    • SHA512

      d98b2ed2338c43d1cd89d0c7548a4ac70a3979bfd695f1b0dd7a46d828380a24904ec76b0f6dc9b00dbe9a35d5d324614747b63a60da8b0963f939e7ce8f1c23

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks