Analysis
max time kernel: 5s
max time network: 14s
platform: windows7_x64
resource: win7v20210408
submitted: 18-05-2021 05:13
Behavioral task: behavioral1
Sample: 3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe
Resource: win7v20210408, windows7_x64
0 signatures
0 seconds
General
Target: 3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe
Size: 371KB
MD5: 9a4538d3d6531fc700f23273f9c12c44
SHA1: f44927f8372340eb6352b538ae546752569ee736
SHA256: 3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d
SHA512: a465a811f704653bfc9c68cd0929ab6328fb2816ee7f9deeaf54bf5961d35b85c13a7e9f1424afb127135a902d411550c22306003b3e8da1534eb8a89846cd2c
Malware Config
Extracted
Family: dridex
C2:
164.132.75.109:443
89.22.113.245:691
81.2.235.155:8443
212.53.140.12:3389
Signatures
Processes:
resource: behavioral1/memory/1088-62-0x0000000000400000-0x000000000045F000-memory.dmp
yara_rule: dridex_ldr
Suspicious use of UnmapMainImage (1 IoCs)
Processes:
3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe
pid: 1088
process: 3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe