General

  • Target

    fd0cc11eb44ff55eb1e104b77ff330796ffd3a1d83fb097d3fe5e6f2a4e709ca

  • Size

    570KB

  • Sample

    211027-ee4f5saeh5

  • MD5

    cfb3de874428dcca88d4c54b2ea30650

  • SHA1

    2f864974dd34765b323e2a4803dbaf975fa0fe57

  • SHA256

    fd0cc11eb44ff55eb1e104b77ff330796ffd3a1d83fb097d3fe5e6f2a4e709ca

  • SHA512

    745ac0de380554ed329121fb4a5e55398c609b534b985775de463e966aab4ac75832b818d1d54e0ee67a96894ebf9aee0bef28ca66a16f89607a5436e9ae8e3d

Malware Config

Extracted

Family

raccoon

Botnet

60e59be328fbd2ebac1839ea99411dccb00a6f49

Attributes

  • url4cnc

    http://telegin.top/agrybirdsgamerept

    http://ttmirror.top/agrybirdsgamerept

    http://teletele.top/agrybirdsgamerept

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

  • rc4.plain

Targets

    • Target

      fd0cc11eb44ff55eb1e104b77ff330796ffd3a1d83fb097d3fe5e6f2a4e709ca

    • Size

      570KB

    • MD5

      cfb3de874428dcca88d4c54b2ea30650

    • SHA1

      2f864974dd34765b323e2a4803dbaf975fa0fe57

    • SHA256

      fd0cc11eb44ff55eb1e104b77ff330796ffd3a1d83fb097d3fe5e6f2a4e709ca

    • SHA512

      745ac0de380554ed329121fb4a5e55398c609b534b985775de463e966aab4ac75832b818d1d54e0ee67a96894ebf9aee0bef28ca66a16f89607a5436e9ae8e3d

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks