General

  • Target

    19ee479069880dbeeb1b39aa48ecd541a3ccccf12cbdf6d6810dd55e6c252a24

  • Size

    508KB

  • Sample

    211110-bwvnsadbel

  • MD5

    062804709b3d775ed842a50ed61d0181

  • SHA1

    5c67b02f6aca1b35fc1d816f42c2d336241ae61b

  • SHA256

    19ee479069880dbeeb1b39aa48ecd541a3ccccf12cbdf6d6810dd55e6c252a24

  • SHA512

    a63a9a8b1d9b8a215dbdafceec1fa400d9d12f8c945221ea5b5bc5394859dd80f75c146ca4c605bbb272fecda519cdcfaa6146b3b3e7c29624632c0029f0cf5f

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

fcdc156d3872c18d25e3ee45499599b45e492a67

Attributes

  • url4cnc

    http://178.23.190.57/rino115sipsip

    http://91.219.236.162/rino115sipsip

    http://185.163.47.176/rino115sipsip

    http://193.38.54.238/rino115sipsip

    http://74.119.192.122/rino115sipsip

    http://91.219.236.240/rino115sipsip

    https://t.me/rino115sipsip

rc4.plain

Targets

    • Raccoon

      A simple but powerful infostealer that was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess
