Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc10083c0e2940c59d6df8d534367769029ca8528b91c4440c0021dcf629ad9f

  • Size

    430KB

  • Sample

    211102-nbgyeacdd5

  • MD5

    2b2500a1a65ddadfc7e172661b8eba59

  • SHA1

    6ae464fd41144c4097866f81aaf2174984a3cf8c

  • SHA256

    bc10083c0e2940c59d6df8d534367769029ca8528b91c4440c0021dcf629ad9f

  • SHA512

    14e8679cd14097da41b2e396a359d25dc5b39a804689b4a8adaf926f1d27420591367837a86df7e60d566c0da094fb2e22c2e23126d3c73eb6747f809c14d2be

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      bc10083c0e2940c59d6df8d534367769029ca8528b91c4440c0021dcf629ad9f

    • Size

      430KB

    • MD5

      2b2500a1a65ddadfc7e172661b8eba59

    • SHA1

      6ae464fd41144c4097866f81aaf2174984a3cf8c

    • SHA256

      bc10083c0e2940c59d6df8d534367769029ca8528b91c4440c0021dcf629ad9f

    • SHA512

      14e8679cd14097da41b2e396a359d25dc5b39a804689b4a8adaf926f1d27420591367837a86df7e60d566c0da094fb2e22c2e23126d3c73eb6747f809c14d2be

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks