Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c54d9b7b4f3854d21d2d9fd0d3b56f1ad268ea4feb2b28b4c1835cce9861513c

  • Size

    476KB

  • Sample

    211025-mfm5jsghdk

  • MD5

    ce85beb0067ad209f18688c66f9ce1b3

  • SHA1

    f54968aae17e191ede972518274907ef0a305a48

  • SHA256

    c54d9b7b4f3854d21d2d9fd0d3b56f1ad268ea4feb2b28b4c1835cce9861513c

  • SHA512

    42d3c04d1c38ed0c40ceb5852d08eeef55bdd2c42001f23edb53b70328f7ef12cf527024fec456e9877e09f88520d8245a713f572e58f216eb9346fc61a1655b

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      c54d9b7b4f3854d21d2d9fd0d3b56f1ad268ea4feb2b28b4c1835cce9861513c

    • Size

      476KB

    • MD5

      ce85beb0067ad209f18688c66f9ce1b3

    • SHA1

      f54968aae17e191ede972518274907ef0a305a48

    • SHA256

      c54d9b7b4f3854d21d2d9fd0d3b56f1ad268ea4feb2b28b4c1835cce9861513c

    • SHA512

      42d3c04d1c38ed0c40ceb5852d08eeef55bdd2c42001f23edb53b70328f7ef12cf527024fec456e9877e09f88520d8245a713f572e58f216eb9346fc61a1655b

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks