Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0182a21bb51bc4d284fb4bd8d5b82f0698bd6f0e124c4ef25150985a02c7441f

  • Size

    426KB

  • Sample

    211102-rl9b7ahgdr

  • MD5

    123ff0a550db123bcd4aa3758ef6bee5

  • SHA1

    4353f7bbaa99b502528bf531cad667fe3be37778

  • SHA256

    0182a21bb51bc4d284fb4bd8d5b82f0698bd6f0e124c4ef25150985a02c7441f

  • SHA512

    c05b1a97164ca8ef4777ce451bcdb0fc4f4824608c06db6c130a15adc2cc321e8211942eb70b93453f04f4d3fa36aa928439040a7e1127fa6ed50a94589b1122

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      0182a21bb51bc4d284fb4bd8d5b82f0698bd6f0e124c4ef25150985a02c7441f

    • Size

      426KB

    • MD5

      123ff0a550db123bcd4aa3758ef6bee5

    • SHA1

      4353f7bbaa99b502528bf531cad667fe3be37778

    • SHA256

      0182a21bb51bc4d284fb4bd8d5b82f0698bd6f0e124c4ef25150985a02c7441f

    • SHA512

      c05b1a97164ca8ef4777ce451bcdb0fc4f4824608c06db6c130a15adc2cc321e8211942eb70b93453f04f4d3fa36aa928439040a7e1127fa6ed50a94589b1122

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks