General

  • Target

    b8143106a1a8c782395cbd828bec11b132a4963bad60b213ba15e0e857fe5a91

  • Size

    418KB

  • Sample

    211104-k739qsgbe3

  • MD5

    869df30f8e68075ef71c5fb55d0bd21f

  • SHA1

    d71a9d73f2a2d12ea457d887209d8f846f1a3457

  • SHA256

    b8143106a1a8c782395cbd828bec11b132a4963bad60b213ba15e0e857fe5a91

  • SHA512

    8236a65f8a43f5b09150ace10f736984aac02bad26c09ec6dfdd8f0f3a8f7e676186b5658b7ca8ef799e9b233f3af70482d26588caee116f97071ba9b3911081

Malware Config

Extracted

Family

raccoon

Botnet

b3ed1d79826001317754d88a62db05820a1ecd19

Attributes
  • url4cnc

    http://teleliver.top/agrybirdsgamerept

    http://livetelive.top/agrybirdsgamerept

    http://teleger.top/agrybirdsgamerept

    http://telestrong.top/agrybirdsgamerept

    http://tgrampro.top/agrybirdsgamerept

    http://teleghost.top/agrybirdsgamerept

    http://teleroom.top/agrybirdsgamerept

    http://telemir.top/agrybirdsgamerept

    http://teletelo.top/agrybirdsgamerept

    https://t.me/agrybirdsgamerept

  • rc4.plain

Targets

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks