Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17

  • Size

    570KB

  • Sample

    211203-x8vp7scbf6

  • MD5

    daabb970ee354de7815aaae6a885d224

  • SHA1

    f4e646ea707217f2bfd6df68fa231164642a9196

  • SHA256

    7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17

  • SHA512

    b12738020d552f7e986ce68074fe6d3c757d324331a950dfe1a83630c28fe96fb835f485f4a646ba9101d568dc31bc0e63f9319c1be997ca5ea98d9aa95f21db

Score
10/10
raccoon049dc5184bb65eb56e4e860bf61427e2a0fcba1estealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

049dc5184bb65eb56e4e860bf61427e2a0fcba1e

Attributes
  • url4cnc

    http://185.225.19.18/duglassa1

    http://91.219.237.227/duglassa1

    https://t.me/duglassa1

rc4.plain
rc4.plain

Targets

    • Target

      7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17

    • Size

      570KB

    • MD5

      daabb970ee354de7815aaae6a885d224

    • SHA1

      f4e646ea707217f2bfd6df68fa231164642a9196

    • SHA256

      7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17

    • SHA512

      b12738020d552f7e986ce68074fe6d3c757d324331a950dfe1a83630c28fe96fb835f485f4a646ba9101d568dc31bc0e63f9319c1be997ca5ea98d9aa95f21db

    Score
    10/10
    raccoon049dc5184bb65eb56e4e860bf61427e2a0fcba1estealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks