Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    48ceb3fa642b0031027ef4a94bff577f3635c05515f11e45c7cd3a1024620ed4

  • Size

    431KB

  • Sample

    211102-n2zwxahdel

  • MD5

    87a5cdf223fe370ee426a231548c7ebc

  • SHA1

    03f5cb68f3d6787f71f9b73a9e31272130161dda

  • SHA256

    48ceb3fa642b0031027ef4a94bff577f3635c05515f11e45c7cd3a1024620ed4

  • SHA512

    12c9c4dc0b3da35cb026b27c93d18c1c0376d103a1be71bd47292dd0c80c492a0237e7cddf379ea2dd7e1cc47a3f0b88b2acd4db15377cf6d80ed6dd4d7402b5

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      48ceb3fa642b0031027ef4a94bff577f3635c05515f11e45c7cd3a1024620ed4

    • Size

      431KB

    • MD5

      87a5cdf223fe370ee426a231548c7ebc

    • SHA1

      03f5cb68f3d6787f71f9b73a9e31272130161dda

    • SHA256

      48ceb3fa642b0031027ef4a94bff577f3635c05515f11e45c7cd3a1024620ed4

    • SHA512

      12c9c4dc0b3da35cb026b27c93d18c1c0376d103a1be71bd47292dd0c80c492a0237e7cddf379ea2dd7e1cc47a3f0b88b2acd4db15377cf6d80ed6dd4d7402b5

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks