General

  • Target

    875d2896be5209b2d5773f15d8622fe8d97ca73741ed0dfb58942c27623e420a

  • Size

    482KB

  • Sample

    211107-hfe2qahfd2

  • MD5

    aab4005bc5c9101b7d49e9a27e82ce59

  • SHA1

    5f8491a017f2fb50c542fac35174342994af6325

  • SHA256

    875d2896be5209b2d5773f15d8622fe8d97ca73741ed0dfb58942c27623e420a

  • SHA512

    177333d9b53c627975b19f93c9781f65a508bd8f02e2f3349e728f8bbe80ed3d1f6568e6ec93ddac76b433f7f83caf6cb36636da3bbcbf0a8c5816c2eb52fb52

Malware Config

Extracted

  • Family

    raccoon

  • Version

    1.8.3

  • Botnet

    243f5e3056753d9f9706258dce4f79e57c3a9c44

Attributes
  • url4cnc

  • rc4.plain

Targets

    • Raccoon

      A simple but powerful infostealer that was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix

Tasks