General

  • Target

    0cda5eabccf4e6dca2aff7ff9f44b0e6003f964efe15b81dbc4e772e065041f2

  • Size

    464KB

  • Sample

    211028-jhlgyshgf2

  • MD5

    7395a13f9f16b5cec499f91c8fdfcc5d

  • SHA1

    4bba3f2208ea5c4e39a34eff5a5304caf001ed98

  • SHA256

    0cda5eabccf4e6dca2aff7ff9f44b0e6003f964efe15b81dbc4e772e065041f2

  • SHA512

    4076dfdb5187416559913bb5500b433177a187122076a006fe52ecd5e88392a4d93249414ad5262b56272cd19e4e4b3f4fda8ef15e289acdff29adf1ae224787

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    60e59be328fbd2ebac1839ea99411dccb00a6f49

  • Attributes

    url4cnc

      http://telegin.top/agrybirdsgamerept

      http://ttmirror.top/agrybirdsgamerept

      http://teletele.top/agrybirdsgamerept

      http://telegalive.top/agrybirdsgamerept

      http://toptelete.top/agrybirdsgamerept

      http://telegraf.top/agrybirdsgamerept

      https://t.me/agrybirdsgamerept

    rc4.plain

    rc4.plain

Targets

    • Target

      0cda5eabccf4e6dca2aff7ff9f44b0e6003f964efe15b81dbc4e772e065041f2

    • Size

      464KB

    • MD5

      7395a13f9f16b5cec499f91c8fdfcc5d

    • SHA1

      4bba3f2208ea5c4e39a34eff5a5304caf001ed98

    • SHA256

      0cda5eabccf4e6dca2aff7ff9f44b0e6003f964efe15b81dbc4e772e065041f2

    • SHA512

      4076dfdb5187416559913bb5500b433177a187122076a006fe52ecd5e88392a4d93249414ad5262b56272cd19e4e4b3f4fda8ef15e289acdff29adf1ae224787

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks