General
Target
http://zeroexit.xyz/9HJDckdsvfsdefvs34
Sample
210121-6e7h9qynyj
Score
10/10
Static task
static1
URLScan task
urlscan1
Sample
http://zeroexit.xyz/9HJDckdsvfsdefvs34
Behavioral task
behavioral1
Sample
http://zeroexit.xyz/9HJDckdsvfsdefvs34
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Malware Config
Extracted
Family
dridex
Botnet
10111
C2
162.241.44.26:9443
185.184.25.234:4664
138.201.138.91:3389
rc4.plain
rc4.plain
Targets
Target
http://zeroexit.xyz/9HJDckdsvfsdefvs34
Score
10/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.