Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0da59a2f70ce2973675ea6e7bb10b4cecb23b8adfbb5a5a7ad99f1b73e4e43c5

  • Size

    512KB

  • Sample

    211021-yztxzsafg6

  • MD5

    41ed12715788b8a094be91e34f2ecbcc

  • SHA1

    a3d317338ea4e216fa8d618afe782c5ec6be6cf8

  • SHA256

    0da59a2f70ce2973675ea6e7bb10b4cecb23b8adfbb5a5a7ad99f1b73e4e43c5

  • SHA512

    a6200181fc27055443466eee4d135f6479a8c966de095e95b5433756e3949be0b878dd63565ac58d29cf936a1829688fa0bc5e2e3eb3338bf630bf63935e8728

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      0da59a2f70ce2973675ea6e7bb10b4cecb23b8adfbb5a5a7ad99f1b73e4e43c5

    • Size

      512KB

    • MD5

      41ed12715788b8a094be91e34f2ecbcc

    • SHA1

      a3d317338ea4e216fa8d618afe782c5ec6be6cf8

    • SHA256

      0da59a2f70ce2973675ea6e7bb10b4cecb23b8adfbb5a5a7ad99f1b73e4e43c5

    • SHA512

      a6200181fc27055443466eee4d135f6479a8c966de095e95b5433756e3949be0b878dd63565ac58d29cf936a1829688fa0bc5e2e3eb3338bf630bf63935e8728

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks