Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1aec6cc141b967ad7e484585cc9f14807fdea191960515a13e638d26ae1cbcee

  • Size

    492KB

  • Sample

    211026-k7yn9ahhej

  • MD5

    0ccca865e4d4098983d224eb8cdecee6

  • SHA1

    8a2c6b3c842b11f2d90d98f1f2cc16e61ac5dd2a

  • SHA256

    1aec6cc141b967ad7e484585cc9f14807fdea191960515a13e638d26ae1cbcee

  • SHA512

    7ac74c0d006cc26da5cb4eaaf4f8232537e2b481aaa38716623e80441e87e31e2183d991cda15c41cae370f5eaa5812b96fc90bdd327c3ebe866de012ec56167

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      1aec6cc141b967ad7e484585cc9f14807fdea191960515a13e638d26ae1cbcee

    • Size

      492KB

    • MD5

      0ccca865e4d4098983d224eb8cdecee6

    • SHA1

      8a2c6b3c842b11f2d90d98f1f2cc16e61ac5dd2a

    • SHA256

      1aec6cc141b967ad7e484585cc9f14807fdea191960515a13e638d26ae1cbcee

    • SHA512

      7ac74c0d006cc26da5cb4eaaf4f8232537e2b481aaa38716623e80441e87e31e2183d991cda15c41cae370f5eaa5812b96fc90bdd327c3ebe866de012ec56167

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks