Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bbbded82ff6f7540a39462c4fa0a4410badb76652edf37570561449aa6e3f84b

  • Size

    426KB

  • Sample

    211102-q9v9sscgd8

  • MD5

    5137f889c92c5447d29a90fe9929074e

  • SHA1

    00ec122c5e445ede907b9fa6f6f2a0d0adc2d459

  • SHA256

    bbbded82ff6f7540a39462c4fa0a4410badb76652edf37570561449aa6e3f84b

  • SHA512

    1847c9ba0eb2f382a1ef004c00fc23daf62247e2f4d6c750b0f9999f04ccb1658cb1eb0308901fdeede10f3fce6607663766571154bdd9fc9619d39ba3799149

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      bbbded82ff6f7540a39462c4fa0a4410badb76652edf37570561449aa6e3f84b

    • Size

      426KB

    • MD5

      5137f889c92c5447d29a90fe9929074e

    • SHA1

      00ec122c5e445ede907b9fa6f6f2a0d0adc2d459

    • SHA256

      bbbded82ff6f7540a39462c4fa0a4410badb76652edf37570561449aa6e3f84b

    • SHA512

      1847c9ba0eb2f382a1ef004c00fc23daf62247e2f4d6c750b0f9999f04ccb1658cb1eb0308901fdeede10f3fce6607663766571154bdd9fc9619d39ba3799149

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks