Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1b856b9cf8a5dec3d17a72410131c533ea5815a193efa6faa3f27d1916b32e8

  • Size

    512KB

  • Sample

    211021-tpd2kaaed4

  • MD5

    ab307db40b92b363714d000246de27b7

  • SHA1

    b574605349803054a928779cf0bc78b9785d5d44

  • SHA256

    b1b856b9cf8a5dec3d17a72410131c533ea5815a193efa6faa3f27d1916b32e8

  • SHA512

    7fca4b5bfaa2be3c4c6b981e05864e69e0fd3afbfd8e238f8a5d645578d9280fadd7b856af47fbdcbb7cddc4ec7051e53612657a76d17660f69ebf08669b15de

Score
10/10
raccoon887a0ffaca448362277f2227182491216b734133stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      b1b856b9cf8a5dec3d17a72410131c533ea5815a193efa6faa3f27d1916b32e8

    • Size

      512KB

    • MD5

      ab307db40b92b363714d000246de27b7

    • SHA1

      b574605349803054a928779cf0bc78b9785d5d44

    • SHA256

      b1b856b9cf8a5dec3d17a72410131c533ea5815a193efa6faa3f27d1916b32e8

    • SHA512

      7fca4b5bfaa2be3c4c6b981e05864e69e0fd3afbfd8e238f8a5d645578d9280fadd7b856af47fbdcbb7cddc4ec7051e53612657a76d17660f69ebf08669b15de

    Score
    10/10
    raccoon887a0ffaca448362277f2227182491216b734133stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks