Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    128s
  • max time network
    134s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    23-11-2021 18:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d06e335a2ae5ec650f1272bdb4c780ee859c6ebe54b2d0948b6f9cd8db6b316e.exe

  • Size

    1.1MB

  • MD5

    aa1954a90a54f0a55cd7dae5a283ff1e

  • SHA1

    98173f9eaf1a8b3a12116f27a957f05aa2c8481b

  • SHA256

    d06e335a2ae5ec650f1272bdb4c780ee859c6ebe54b2d0948b6f9cd8db6b316e

  • SHA512

    ffc5e30753a96cc63d335aed3ec4700fe534e37cdc097401313689ec9126da68c5cbd9139354d817f44b59d1350fe296201187741325b45d0038c9e0cd1045f3

Score
10/10
raccoonfe1f102f3334068962b64125bcb00816dba46087stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

fe1f102f3334068962b64125bcb00816dba46087

Attributes
  • url4cnc

    http://91.219.236.27/ocherednyara1

    http://5.181.156.92/ocherednyara1

    http://91.219.236.207/ocherednyara1

    http://185.225.19.18/ocherednyara1

    http://91.219.237.227/ocherednyara1

    https://t.me/ocherednyara1

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\d06e335a2ae5ec650f1272bdb4c780ee859c6ebe54b2d0948b6f9cd8db6b316e.exe
    "C:\Users\Admin\AppData\Local\Temp\d06e335a2ae5ec650f1272bdb4c780ee859c6ebe54b2d0948b6f9cd8db6b316e.exe"
    1⤵
      PID:2568

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2568-119-0x0000000002900000-0x0000000002901000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-118-0x0000000000600000-0x000000000074A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/2568-121-0x00000000028B0000-0x00000000028B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-120-0x00000000028C0000-0x00000000028C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-122-0x00000000028D0000-0x00000000028D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-124-0x00000000028F0000-0x00000000028F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-123-0x00000000028E0000-0x00000000028E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-126-0x0000000002910000-0x0000000002911000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-125-0x0000000002920000-0x0000000002921000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-128-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-127-0x00000000035D0000-0x00000000035D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-129-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-131-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-130-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-132-0x00000000026E0000-0x00000000026E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-133-0x00000000026A0000-0x00000000026A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-134-0x0000000002690000-0x0000000002691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-136-0x00000000026B0000-0x00000000026B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-135-0x00000000026D0000-0x00000000026D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-137-0x0000000002700000-0x0000000002701000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-138-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-139-0x00000000036C0000-0x00000000036C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-140-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-141-0x0000000002850000-0x0000000002851000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-142-0x0000000002800000-0x0000000002801000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-144-0x0000000002820000-0x0000000002821000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-143-0x00000000027F0000-0x00000000027F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-145-0x0000000002830000-0x0000000002831000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-146-0x0000000002840000-0x0000000002841000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-147-0x0000000002870000-0x0000000002871000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-148-0x00000000035C0000-0x00000000035C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-149-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-150-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-151-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-153-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-152-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-154-0x0000000003630000-0x0000000003631000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-155-0x00000000009D0000-0x00000000009D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-156-0x00000000029B0000-0x00000000029B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-157-0x0000000002970000-0x0000000002971000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-158-0x0000000002960000-0x0000000002961000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-159-0x0000000002980000-0x0000000002981000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-160-0x0000000002990000-0x0000000002991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-161-0x00000000029A0000-0x00000000029A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-162-0x00000000029D0000-0x00000000029D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-163-0x00000000009D0000-0x00000000009D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-165-0x0000000002950000-0x0000000002951000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-164-0x00000000009D0000-0x00000000009D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-166-0x0000000002720000-0x0000000002721000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-167-0x00000000009D0000-0x00000000009D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-168-0x00000000009D0000-0x00000000009D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-169-0x0000000003620000-0x0000000003621000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-170-0x0000000003610000-0x0000000003611000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2568-171-0x00000000036C0000-0x0000000003751000-memory.dmp
      Filesize

      580KB

      Download