Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    449483d44a5d0d0839858996dc642c0f6c23163934651af54efe19f5dc19ec55

  • Size

    475KB

  • Sample

    211025-qwaqyahahn

  • MD5

    da2c0971401afce1960a4de072e4d81a

  • SHA1

    ec533a49bebd75df6263ea8cf1c03922d706c4a5

  • SHA256

    449483d44a5d0d0839858996dc642c0f6c23163934651af54efe19f5dc19ec55

  • SHA512

    807cb9b4314071543373a8813b5a09f04998ee48ec0d9db4e12b2e82bba64b3f9fd047fc733e2cc684bfb13c95e47f7015916fb20d2ba94c7374071d6d4a5876

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      449483d44a5d0d0839858996dc642c0f6c23163934651af54efe19f5dc19ec55

    • Size

      475KB

    • MD5

      da2c0971401afce1960a4de072e4d81a

    • SHA1

      ec533a49bebd75df6263ea8cf1c03922d706c4a5

    • SHA256

      449483d44a5d0d0839858996dc642c0f6c23163934651af54efe19f5dc19ec55

    • SHA512

      807cb9b4314071543373a8813b5a09f04998ee48ec0d9db4e12b2e82bba64b3f9fd047fc733e2cc684bfb13c95e47f7015916fb20d2ba94c7374071d6d4a5876

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks