General

  • Target

    ab39e200c2d3a9995b77cdbf9cd19eac41f1969b3bd10401f32bd8367e8fd551

  • Size

    482KB

  • Sample

    211107-hdnk3shfc4

  • MD5

    b26c0726155de9f9d6ba28112b548b7d

  • SHA1

    9602743bd55e03f11ebb96a7de8e4e22d877a3e2

  • SHA256

    ab39e200c2d3a9995b77cdbf9cd19eac41f1969b3bd10401f32bd8367e8fd551

  • SHA512

    1f1c8271eb76f2434df126db91c43ef82bf83e24353c2843950ceaffdc66dab63b9d8204d87ae59b8844e655dafbfbf389e50c43b05232b013507df0bfbf2c1f

Malware Config

Extracted

Family

raccoon

Version

1.8.3

Botnet

243f5e3056753d9f9706258dce4f79e57c3a9c44

Attributes
  • url4cnc

    http://178.23.190.57/agrybirdsgamerept

    http://91.219.236.162/agrybirdsgamerept

    http://185.163.47.176/agrybirdsgamerept

    http://193.38.54.238/agrybirdsgamerept

    http://74.119.192.122/agrybirdsgamerept

    http://91.219.236.240/agrybirdsgamerept

  • rc4.plain
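The url4cnc list above is the practical takeaway from this config: six hosts all serve the same path, so the path is the stable pivot when the operator rotates mirrors. The following is an added example, not code from the report or from the Raccoon authors, that turns the extracted url4cnc values into tiered IOC matches and runs them over a few constructed proxy log lines. The log format (timestamp, client, method, URL, status), the sample lines, and the high/medium/low confidence tiers are assumptions made for the example; the hosts and path are copied from the config.

```python
"""Match proxy-log URLs against the Raccoon url4cnc list extracted above."""
import re
from urllib.parse import urlparse

# url4cnc values copied from the extracted config above.
URL4CNC = [
    "http://178.23.190.57/agrybirdsgamerept",
    "http://91.219.236.162/agrybirdsgamerept",
    "http://185.163.47.176/agrybirdsgamerept",
    "http://193.38.54.238/agrybirdsgamerept",
    "http://74.119.192.122/agrybirdsgamerept",
    "http://91.219.236.240/agrybirdsgamerept",
]

# Constructed sample log lines (hypothetical format: ts client method url status).
# 203.0.113.7 is a documentation address standing in for an unlisted mirror.
SAMPLE_LOG = """\
2021-11-07T10:01:12Z 10.0.0.15 GET http://178.23.190.57/agrybirdsgamerept 200
2021-11-07T10:01:13Z 10.0.0.15 GET http://203.0.113.7/agrybirdsgamerept 200
2021-11-07T10:02:40Z 10.0.0.15 POST http://91.219.236.240/gate/log.php 200
2021-11-07T10:03:01Z 10.0.0.22 GET http://example.com/index.html 200
2021-11-07T10:03:05Z 10.0.0.22 GET https://74.119.192.122:8443/ 403
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)


def build_iocs(urls):
    """Split url4cnc entries into exact (host, path) pairs, bare hosts and bare paths."""
    exact, hosts, paths = set(), set(), set()
    for u in urls:
        p = urlparse(u)
        exact.add((p.hostname, p.path))
        hosts.add(p.hostname)
        paths.add(p.path)
    return exact, hosts, paths


def classify_url(url, iocs):
    """Return (confidence, reason) for one URL, or (None, None) if it does not match.

    Tiers are an assumption of this example: an exact match is high confidence,
    the known path on an unlisted host suggests a new mirror (medium), and other
    traffic to a listed host is worth a look but is weaker on its own (low).
    """
    exact, hosts, paths = iocs
    p = urlparse(url)
    if (p.hostname, p.path) in exact:
        return "high", "exact url4cnc match"
    if p.path in paths:
        return "medium", "url4cnc path on unlisted host (possible new mirror)"
    if p.hostname in hosts:
        return "low", "traffic to url4cnc host on a different path"
    return None, None


def scan_log(text, urls=URL4CNC):
    """Parse log lines and return a list of hit dicts in log order."""
    iocs = build_iocs(urls)
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        level, why = classify_url(m["url"], iocs)
        if level:
            hits.append({
                "line": n,
                "client": m["client"],
                "url": m["url"],
                "confidence": level,
                "reason": why,
            })
    return hits


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"line {h['line']}: {h['confidence']:6} {h['client']} {h['url']} ({h['reason']})")
```

On the constructed sample the first line is an exact match, the second is flagged as a possible new mirror because only the path is known, and the third and fifth are low-confidence host-only hits; the example.com line is ignored.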

Targets

    • Target

      ab39e200c2d3a9995b77cdbf9cd19eac41f1969b3bd10401f32bd8367e8fd551

    • Size

      482KB

    • MD5

      b26c0726155de9f9d6ba28112b548b7d

    • SHA1

      9602743bd55e03f11ebb96a7de8e4e22d877a3e2

    • SHA256

      ab39e200c2d3a9995b77cdbf9cd19eac41f1969b3bd10401f32bd8367e8fd551

    • SHA512

      1f1c8271eb76f2434df126db91c43ef82bf83e24353c2843950ceaffdc66dab63b9d8204d87ae59b8844e655dafbfbf389e50c43b05232b013507df0bfbf2c1f

    • Raccoon

      A simple but powerful information stealer that was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks