Analysis
max time kernel: 138s
max time network: 140s
platform: windows10_x64
resource: win10v20201028
submitted: 08-02-2021 23:51
Behavioral task: behavioral1
Sample: 7setq.exe
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds
General
Target: 7setq.exe
Size: 1.3MB
MD5: ce6b3fc8dfc97b648dc245ba1ea0a109
SHA1: 3f395722701450d2ea221b46f5fa4a0bcad9a3ec
SHA256: 388d433e53b9c0294424bda5cc15e5a03c04c8aa9509d9161f9dc6176afb8b6a
SHA512: 2b39526d7e23557c18226f76fe9d352d6cb24fa1184fbc8801733a06648e27dd5eaac94ef16276c1a1421e6be47c723b9f79dc1fc17e12d08161ff0fda8f575f
Malware Config
Extracted
Family: dridex
Botnet: 10111
C2:
  51.68.224.245:4646
  188.165.17.91:8443
  173.255.246.77:691
rc4.plain
rc4.plain
Signatures
Processes:
resource: behavioral2/memory/1404-2-0x0000000000400000-0x000000000043D000-memory.dmp, yara_rule: dridex_ldr
resource: behavioral2/memory/1404-4-0x0000000000400000-0x000000000043D000-memory.dmp, yara_rule: dridex_ldr
Checks installed software on the system (1 TTPs)
Looks up Uninstall key entries in the registry to enumerate software on the system.
Processes:
7setq.exe
description: Key value queried, ioc: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA, process: 7setq.exe