Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e8cf0a17745f6c53332949b13ef0d3d52d3850f965e1737f27272b0f9254288

  • Size

    587KB

  • Sample

    211025-d137tsfec7

  • MD5

    9672b04a3838f6649f5aeeeb99ed8a1f

  • SHA1

    30105890a91f1b98f0cc35b8f74c828d1d394ba7

  • SHA256

    3e8cf0a17745f6c53332949b13ef0d3d52d3850f965e1737f27272b0f9254288

  • SHA512

    6d2510d0dfd9b0b963ff3fcfede4329f0767a67d181172e2ba833b0def0ec8c55e829939ab9327f1f2051930b7bb4b990219cce1f02eda92a64e14c57a8152bf

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      3e8cf0a17745f6c53332949b13ef0d3d52d3850f965e1737f27272b0f9254288

    • Size

      587KB

    • MD5

      9672b04a3838f6649f5aeeeb99ed8a1f

    • SHA1

      30105890a91f1b98f0cc35b8f74c828d1d394ba7

    • SHA256

      3e8cf0a17745f6c53332949b13ef0d3d52d3850f965e1737f27272b0f9254288

    • SHA512

      6d2510d0dfd9b0b963ff3fcfede4329f0767a67d181172e2ba833b0def0ec8c55e829939ab9327f1f2051930b7bb4b990219cce1f02eda92a64e14c57a8152bf

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks