General

  • Target

    821f0bd9c64b33124020e6fc1c773c923f5e25055fe0894556fbcf52f80e3af6

  • Size

    551KB

  • Sample

    220311-ykd8zseafj

  • MD5

    f2a713eb3d3f877f1eb1af8d25d11968

  • SHA1

    3cc7fc65efb514f07c84e38f737f00b205b0b01b

  • SHA256

    821f0bd9c64b33124020e6fc1c773c923f5e25055fe0894556fbcf52f80e3af6

  • SHA512

    7663b34463489070d0e7f07c3e071e3439726ed255f85d2f320150f4327780a9b670b9597fbd0d0d944f2c98fdae0bbf0838ea8f76c11a8e5db71ddd83055d9d

Malware Config

Extracted

Family

raccoon

Botnet

1c0fad6805a0f65d7b597130eb9f089ffbe9857d

Attributes
  • url4cnc

    http://194.180.191.241/capibar

    http://103.155.93.35/capibar

    https://t.me/capibar

  • rc4.plain

Targets

    • Target

      821f0bd9c64b33124020e6fc1c773c923f5e25055fe0894556fbcf52f80e3af6

    • Size

      551KB

    • MD5

      f2a713eb3d3f877f1eb1af8d25d11968

    • SHA1

      3cc7fc65efb514f07c84e38f737f00b205b0b01b

    • SHA256

      821f0bd9c64b33124020e6fc1c773c923f5e25055fe0894556fbcf52f80e3af6

    • SHA512

      7663b34463489070d0e7f07c3e071e3439726ed255f85d2f320150f4327780a9b670b9597fbd0d0d944f2c98fdae0bbf0838ea8f76c11a8e5db71ddd83055d9d

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)

    • suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
