Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e60c985939f7ced8d26ccc57e8c43bec2c7f639027e31f7d9a61c726ea7fe09

  • Size

    594KB

  • Sample

    211022-wxm1jschan

  • MD5

    aa4e082db04b5f44f47f552223e80cac

  • SHA1

    c13cea9a5844ae0efba489c557a1d28e9db33bc7

  • SHA256

    2e60c985939f7ced8d26ccc57e8c43bec2c7f639027e31f7d9a61c726ea7fe09

  • SHA512

    84dea40f9414d9cc4e2ff24fc7fcc2aab942c9636524529198996244e09cc71a85d40939cda997201ded6e1f396a0d7be4369ca402ac88030ae8869008d09f83

Score
10/10
raccoon6655b26b014f56ed3e8df973c407aa18e865e396stealer

Malware Config

Extracted

Family

raccoon

Botnet

6655b26b014f56ed3e8df973c407aa18e865e396

Attributes
  • url4cnc

    http://telegka.top/kaba4ello

    http://telegin.top/kaba4ello

    https://t.me/kaba4ello

rc4.plain
rc4.plain

Targets

    • Target

      2e60c985939f7ced8d26ccc57e8c43bec2c7f639027e31f7d9a61c726ea7fe09

    • Size

      594KB

    • MD5

      aa4e082db04b5f44f47f552223e80cac

    • SHA1

      c13cea9a5844ae0efba489c557a1d28e9db33bc7

    • SHA256

      2e60c985939f7ced8d26ccc57e8c43bec2c7f639027e31f7d9a61c726ea7fe09

    • SHA512

      84dea40f9414d9cc4e2ff24fc7fcc2aab942c9636524529198996244e09cc71a85d40939cda997201ded6e1f396a0d7be4369ca402ac88030ae8869008d09f83

    Score
    10/10
    raccoon6655b26b014f56ed3e8df973c407aa18e865e396stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks