General

  • Target

    5ea720a54deacf6acfe1d1bda3d9956d70af6a95ec933f794c7d354ef5f575be

  • Size

    464KB

  • Sample

    211027-3xdkfahder

  • MD5

    8a9095bb671979a0664b6736770d6847

  • SHA1

    bbe979cf085c18e7386ca76a435f98381a1d4736

  • SHA256

    5ea720a54deacf6acfe1d1bda3d9956d70af6a95ec933f794c7d354ef5f575be

  • SHA512

    f42d44f9c8bd074402ba3d9dfbabb7a790be8fb3e6bdcfd6412554b46a19d80ce59b7f1a184e6aed9f66967eac05670c5dacf66024f45faef810e9849487114c

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    60e59be328fbd2ebac1839ea99411dccb00a6f49

Attributes
  • url4cnc


  • rc4.plain

Targets

    • Raccoon

      Simple but powerful infostealer that was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks