Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe5baacf899eaf4343aaf323af83d76f1d7b6a0c565826338cc46635118e2d9c

  • Size

    3.7MB

  • Sample

    211021-xvertsbehm

  • MD5

    b022fa2b1beb55aee7bb0f1fb351ae1f

  • SHA1

    ceedd470b439a8249b53ba6c6e74fa2a51b3c0c0

  • SHA256

    fe5baacf899eaf4343aaf323af83d76f1d7b6a0c565826338cc46635118e2d9c

  • SHA512

    13bc948f106013594fb0b20d7bf785cdd10d97ad6830951749200866d3424b3be6c6a60a4176bca6c7e5f7b841c569ea1b6436edd60e510c955e34994fc9fcfd

Score
10/10
raccooncf3e15a8aec8fe7eead8f124a5222c57fad37d42stealer

Malware Config

Extracted

Family

raccoon

Botnet

cf3e15a8aec8fe7eead8f124a5222c57fad37d42

Attributes
  • url4cnc

    http://telegatt.top/dodgeneontwinturbo

    http://telegka.top/dodgeneontwinturbo

    http://telegin.top/dodgeneontwinturbo

    https://t.me/dodgeneontwinturbo

rc4.plain
rc4.plain

Targets

    • Target

      fe5baacf899eaf4343aaf323af83d76f1d7b6a0c565826338cc46635118e2d9c

    • Size

      3.7MB

    • MD5

      b022fa2b1beb55aee7bb0f1fb351ae1f

    • SHA1

      ceedd470b439a8249b53ba6c6e74fa2a51b3c0c0

    • SHA256

      fe5baacf899eaf4343aaf323af83d76f1d7b6a0c565826338cc46635118e2d9c

    • SHA512

      13bc948f106013594fb0b20d7bf785cdd10d97ad6830951749200866d3424b3be6c6a60a4176bca6c7e5f7b841c569ea1b6436edd60e510c955e34994fc9fcfd

    Score
    10/10
    raccooncf3e15a8aec8fe7eead8f124a5222c57fad37d42stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks