General

  • Target

    599daf09abdf0a4633d88df56ae836568e3770504a27befcd4e61ecb3442bcf1

  • Size

    464KB

  • Sample

    211028-whmfgacac9

  • MD5

    528aa7823529bc9fa7976937c9ab8c1f

  • SHA1

    e3020bec25202cef612b1c99b64e677cb8cbb4b8

  • SHA256

    599daf09abdf0a4633d88df56ae836568e3770504a27befcd4e61ecb3442bcf1

  • SHA512

    dec716d8d7c13e090b53265c91d18b857867291cfe1b54ad4ee3ca1b8d98a81bbfe7de2eac871d580c5e7b6adf2cbc34276d08a7f13e4a9eceecc4bd1ae65980

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    60e59be328fbd2ebac1839ea99411dccb00a6f49

Attributes
  • url4cnc

    http://telegin.top/agrybirdsgamerept

    http://ttmirror.top/agrybirdsgamerept

    http://teletele.top/agrybirdsgamerept

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

  • rc4.plain

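The url4cnc list above is the sample's dead-drop resolver: six look-alike ".top" mirrors and t.me itself all serve the same Telegram channel path, so the channel name is the durable pivot and the hostnames are the blockable indicators, while rc4.plain is the key the sample applies to whatever it fetches there. The script below is an added example, not code from the sandbox report or from the malware: it normalises the url4cnc entries copied from this report into hosts and channel handles, and shows how an extracted RC4 key would be used to recover a C2 from a fetched channel page. The RC4 key, the page body, the `og:description` framing and the C2 address are constructed placeholders, because the report does not show the rc4.plain value or the fetched content.

```python
"""IOC extraction and C2 recovery helpers for a Raccoon-style config.

Added example, not part of the sandbox report or the malware's own code.
URL4CNC is copied from the report; RC4 key, page body and C2 are CONSTRUCTED.
"""
import re
from urllib.parse import urlparse

# Copied verbatim from the report's url4cnc attribute.
URL4CNC = [
    "http://telegin.top/agrybirdsgamerept",
    "http://ttmirror.top/agrybirdsgamerept",
    "http://teletele.top/agrybirdsgamerept",
    "http://telegalive.top/agrybirdsgamerept",
    "http://toptelete.top/agrybirdsgamerept",
    "http://telegraf.top/agrybirdsgamerept",
    "https://t.me/agrybirdsgamerept",
]

# CONSTRUCTED placeholders: the report does not show the rc4.plain value,
# and 203.0.113.0/24 is the RFC 5737 documentation range.
PLACEHOLDER_KEY = b"example-rc4-key"
PLACEHOLDER_C2 = "http://203.0.113.10/"


def extract_iocs(urls):
    """Split url4cnc entries into blockable hosts and the Telegram channel
    handle(s) the sample pivots through. Returns (hosts, channels), sorted."""
    hosts = sorted({urlparse(u).hostname for u in urls})
    channels = sorted({urlparse(u).path.strip("/") for u in urls})
    return hosts, channels


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). The same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                          # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def build_sample_page(c2: str, key: bytes) -> str:
    """CONSTRUCTED stand-in for a fetched t.me channel page: the C2 is
    RC4-encrypted with the config key and hex-encoded into the description."""
    blob = rc4(key, c2.encode("ascii")).hex()
    return f'<html><head><meta property="og:description" content="{blob}"></head></html>'


def recover_c2(page_html: str, rc4_key: bytes) -> str:
    """Pull the hex blob out of the channel description and RC4-decrypt it.
    ASSUMPTION: hex-in-description framing; the report does not show the real
    framing, so adjust the regex to whatever the fetched page actually carries."""
    m = re.search(r'<meta property="og:description" content="([0-9a-fA-F]+)"', page_html)
    if not m:
        raise ValueError("no hex blob found in channel description")
    return rc4(rc4_key, bytes.fromhex(m.group(1))).decode("ascii")


if __name__ == "__main__":
    hosts, channels = extract_iocs(URL4CNC)
    print("block/alert hosts:", hosts)
    print("telegram channel(s):", channels)
    page = build_sample_page(PLACEHOLDER_C2, PLACEHOLDER_KEY)
    print("recovered C2 (placeholder):", recover_c2(page, PLACEHOLDER_KEY))
```

`extract_iocs` deliberately keeps t.me as a host even though it is not a sensible block target; treat the channel handle as the indicator for that entry and the ".top" mirrors as the ones worth sinkholing. Swap `PLACEHOLDER_KEY` for the real rc4.plain value once a config extractor yields it.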
Targets

    • Target

      599daf09abdf0a4633d88df56ae836568e3770504a27befcd4e61ecb3442bcf1

    • Raccoon

      Simple but powerful infostealer that was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks