Analysis
max time kernel: 136s
max time network: 145s
platform: windows10_x64
resource: win10v20210408
submitted: 01-07-2021 06:06
Behavioral task: behavioral1
Sample: magi9.bin.exe
Resource: win7v20210408 (windows7_x64)
0 signatures
0 seconds
General
Target: magi9.bin.exe
Size: 1.0MB
MD5: 2276e0412317a63a2bd1985febe93cca
SHA1: d33658ad2ac879461d8785536e7077c05dba31fb
SHA256: acc12fbe12b9970c7335151b67e4dc23f38bb1eed62a52edede51ff37e76ff39
SHA512: 419aa0f99c9c87597dbaff6fab7f387709071de66aa89dc5eae6ed11cf7efd979e6fcbe8b99831209bc4b472f525c33e5eeb2e3651524f604fc315adfc55d6c7
Malware Config (Extracted)
Family: dridex
Botnet: 10111
C2:
104.168.155.129:443
142.4.219.173:4664
176.31.117.84:9443
rc4.plain
rc4.plain
Signatures
Checks installed software on the system (1 TTPs)
Looks up Uninstall key entries in the registry to enumerate software on the system.
Processes: magi9.bin.exe
description: Key value queried
ioc: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
process: magi9.bin.exe