Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9218e9d4421d5f812e1f8cdc7aa90c86c32d61d933b0cbf33d5d891bccb4fe4

  • Size

    424KB

  • Sample

    211102-yjpckahfhm

  • MD5

    92f759f431ea5e8ffbc92808cc5561b4

  • SHA1

    904ddd11760a17e06e08f3a3dc0541fa33614d48

  • SHA256

    c9218e9d4421d5f812e1f8cdc7aa90c86c32d61d933b0cbf33d5d891bccb4fe4

  • SHA512

    5927c32568b07c9ed7e255a82ac506833ac8ea502bc599aad7d2cc9102a4f7fe685b1c9feb95b9575e6e2ef696b3c7e4ce21a6653a3f5cf2348e44ceb1aa0b33

Score
10/10
raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

Malware Config

Extracted

Family

raccoon

Botnet

68e2d75238f7c69859792d206401b6bde2b2515c

Attributes
  • url4cnc

    http://telegalive.top/agrybirdsgamerept

    http://toptelete.top/agrybirdsgamerept

    http://telegraf.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      c9218e9d4421d5f812e1f8cdc7aa90c86c32d61d933b0cbf33d5d891bccb4fe4

    • Size

      424KB

    • MD5

      92f759f431ea5e8ffbc92808cc5561b4

    • SHA1

      904ddd11760a17e06e08f3a3dc0541fa33614d48

    • SHA256

      c9218e9d4421d5f812e1f8cdc7aa90c86c32d61d933b0cbf33d5d891bccb4fe4

    • SHA512

      5927c32568b07c9ed7e255a82ac506833ac8ea502bc599aad7d2cc9102a4f7fe685b1c9feb95b9575e6e2ef696b3c7e4ce21a6653a3f5cf2348e44ceb1aa0b33

    Score
    10/10
    raccoon68e2d75238f7c69859792d206401b6bde2b2515cstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks