Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1603912e132ae6afa53043511a961192a986d8aec8238d94ec3328267f1241ad

  • Size

    464KB

  • Sample

    211026-pb3esahch5

  • MD5

    28a45e7fb68687e4e3f7ac46b9b6f024

  • SHA1

    bd579f70f35ba95b96f0e08ee29e7669830bf404

  • SHA256

    1603912e132ae6afa53043511a961192a986d8aec8238d94ec3328267f1241ad

  • SHA512

    0cd203ec60dddbbe63eac35fbe4ab867ffec4eaeeb660b5ad021057641cbdcdb9378e5e65b40122711528f42fe458006b859e72e719578e92495c23e205d676d

Score
10/10
raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes
  • url4cnc

    http://telegatt.top/agrybirdsgamerept

    http://telegka.top/agrybirdsgamerept

    http://telegin.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      1603912e132ae6afa53043511a961192a986d8aec8238d94ec3328267f1241ad

    • Size

      464KB

    • MD5

      28a45e7fb68687e4e3f7ac46b9b6f024

    • SHA1

      bd579f70f35ba95b96f0e08ee29e7669830bf404

    • SHA256

      1603912e132ae6afa53043511a961192a986d8aec8238d94ec3328267f1241ad

    • SHA512

      0cd203ec60dddbbe63eac35fbe4ab867ffec4eaeeb660b5ad021057641cbdcdb9378e5e65b40122711528f42fe458006b859e72e719578e92495c23e205d676d

    Score
    10/10
    raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks