Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a946db7313b81ea362c27112e7fec3c59da8890e209abd8f8fd7ab78e3ab6683

  • Size

    430KB

  • Sample

    211102-n9q9qsceb6

  • MD5

    9d9b1df4431584e226ab6917c13eaecd

  • SHA1

    ebad984571f90384728f54bc95660a5773526cd0

  • SHA256

    a946db7313b81ea362c27112e7fec3c59da8890e209abd8f8fd7ab78e3ab6683

  • SHA512

    36c50fd7f9b56d83fc2c200fec409f61ecd732a1d4df0f5d89a2b1f7020db716acfd25a2c6b38c5f124c67100d8097f405213edf9271df3802570db920b991a2

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      a946db7313b81ea362c27112e7fec3c59da8890e209abd8f8fd7ab78e3ab6683

    • Size

      430KB

    • MD5

      9d9b1df4431584e226ab6917c13eaecd

    • SHA1

      ebad984571f90384728f54bc95660a5773526cd0

    • SHA256

      a946db7313b81ea362c27112e7fec3c59da8890e209abd8f8fd7ab78e3ab6683

    • SHA512

      36c50fd7f9b56d83fc2c200fec409f61ecd732a1d4df0f5d89a2b1f7020db716acfd25a2c6b38c5f124c67100d8097f405213edf9271df3802570db920b991a2

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks