Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8180736c95b81409ef7f041660f5d51ffb048a8d0669aca54ff6eed92f864f82

  • Size

    512KB

  • Sample

    211021-z1by8sbfej

  • MD5

    b78c7ff959d4d96628b64d60ff2dc8cd

  • SHA1

    6ffe70c29259b3de2e524cff2c3f269995a51277

  • SHA256

    8180736c95b81409ef7f041660f5d51ffb048a8d0669aca54ff6eed92f864f82

  • SHA512

    b50f3f636c813078ebcd2cf103aca5a5033827ebeb0da47d036d94f74984633640cf89dc5a212dde04fd618bf273cf0c985cc76ea94b57dab1b5baf4887b6690

Score
10/10
raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

Malware Config

Extracted

Family

raccoon

Botnet

ac738e6383a48d6a74aeab7c52ebcd50f76032ee

Attributes
  • url4cnc

    http://telegka.top/jdiamond13

    http://telegin.top/jdiamond13

    https://t.me/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      8180736c95b81409ef7f041660f5d51ffb048a8d0669aca54ff6eed92f864f82

    • Size

      512KB

    • MD5

      b78c7ff959d4d96628b64d60ff2dc8cd

    • SHA1

      6ffe70c29259b3de2e524cff2c3f269995a51277

    • SHA256

      8180736c95b81409ef7f041660f5d51ffb048a8d0669aca54ff6eed92f864f82

    • SHA512

      b50f3f636c813078ebcd2cf103aca5a5033827ebeb0da47d036d94f74984633640cf89dc5a212dde04fd618bf273cf0c985cc76ea94b57dab1b5baf4887b6690

    Score
    10/10
    raccoonac738e6383a48d6a74aeab7c52ebcd50f76032eestealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks