Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    58c1b22873a1eab4f8a7cc5a26085a2968637eaa3f22e7cbe8032ad6f25bbd38

  • Size

    591KB

  • Sample

    211106-sz14eacacn

  • MD5

    65ecbb1c38b4ac891d8a90870e115398

  • SHA1

    78e3f1782d238b6375224a3ce7793b1cb08a95d4

  • SHA256

    58c1b22873a1eab4f8a7cc5a26085a2968637eaa3f22e7cbe8032ad6f25bbd38

  • SHA512

    a95b0ccaecdf007c4590efde4e56ec4e65b8d900e2070726393b912f4ef37b3761a641e7c85dfe8a9698f1bf9864afc8613d956e14414d5a0c78c00aa17a7dd9

Score
10/10
raccoona741159db87f9df2b687764994c63c4c859ea476stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3

Botnet

a741159db87f9df2b687764994c63c4c859ea476

Attributes
  • url4cnc

    http://178.23.190.57/hiioBlacklight1

    http://91.219.236.162/hiioBlacklight1

    http://185.163.47.176/hiioBlacklight1

    http://193.38.54.238/hiioBlacklight1

    http://74.119.192.122/hiioBlacklight1

    http://91.219.236.240/hiioBlacklight1

    https://t.me/hiioBlacklight1

rc4.plain
rc4.plain

Targets

    • Target

      58c1b22873a1eab4f8a7cc5a26085a2968637eaa3f22e7cbe8032ad6f25bbd38

    • Size

      591KB

    • MD5

      65ecbb1c38b4ac891d8a90870e115398

    • SHA1

      78e3f1782d238b6375224a3ce7793b1cb08a95d4

    • SHA256

      58c1b22873a1eab4f8a7cc5a26085a2968637eaa3f22e7cbe8032ad6f25bbd38

    • SHA512

      a95b0ccaecdf007c4590efde4e56ec4e65b8d900e2070726393b912f4ef37b3761a641e7c85dfe8a9698f1bf9864afc8613d956e14414d5a0c78c00aa17a7dd9

    Score
    10/10
    raccoona741159db87f9df2b687764994c63c4c859ea476stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks