Analysis
max time kernel: 4s
max time network: 9s
platform: windows7_x64
resource: win7v20210410
submitted: 17-05-2021 03:05
Behavioral task: behavioral1
Sample: ea13d342c6312efb1c3eee4a042eec8c374351c788d459313793cf839e3ebf5b.exe
Resource: win7v20210410
0 signatures
0 seconds
General
Target: ea13d342c6312efb1c3eee4a042eec8c374351c788d459313793cf839e3ebf5b.exe
Size: 371KB
MD5: 96733f96b86724fb6ee902d57a5c96c9
SHA1: 9ceb3c43782e187a221fd53c6939f550eed0f522
SHA256: ea13d342c6312efb1c3eee4a042eec8c374351c788d459313793cf839e3ebf5b
SHA512: 060a3df8cc915c3411268b3532d9e8277ad486d388d4cafae1f2ef86a43b697192dfea1dc400ad905478690aa0549c3717adaa8b3236186783cd9c025888cd20
Malware Config
Extracted
Family: dridex
C2:
164.132.75.109:443
89.22.113.245:691
81.2.235.155:8443
212.53.140.12:3389
Signatures
Processes:
resource: behavioral1/memory/1420-61-0x0000000000400000-0x000000000045F000-memory.dmp
yara_rule: dridex_ldr
Suspicious use of UnmapMainImage 1 IoCs
Processes:
ea13d342c6312efb1c3eee4a042eec8c374351c788d459313793cf839e3ebf5b.exe
pid: 1420
process: ea13d342c6312efb1c3eee4a042eec8c374351c788d459313793cf839e3ebf5b.exe