Analysis

  • max time kernel
    86s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    26-09-2021 23:46

General

  • Target

    8e356460fb362d1ffa139a35a6b3c54e24b878003dbe1ea6849b26cc1de1f96c.exe

  • Size

    533KB

  • MD5

    970f402d9ac42b17c150d4b70d501870

  • SHA1

    1086fa8d8aa01cbc8784904960bd3fa06a0c0cee

  • SHA256

    8e356460fb362d1ffa139a35a6b3c54e24b878003dbe1ea6849b26cc1de1f96c

  • SHA512

    f6b4c579a84aacf5ea0826a2892f2b95ae4d6f7218aa25177e1ca7eaaf52497e8edc48ac3dc922b4d4e563c76d5846ecf74c5f72ebe2dfb37b15131cd79e8900

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\8e356460fb362d1ffa139a35a6b3c54e24b878003dbe1ea6849b26cc1de1f96c.exe
    "C:\Users\Admin\AppData\Local\Temp\8e356460fb362d1ffa139a35a6b3c54e24b878003dbe1ea6849b26cc1de1f96c.exe"
    • Checks processor information in registry
    PID:3608

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/3608-116-0x0000000000400000-0x000000000050C000-memory.dmp

    Filesize

    1.0MB

  • memory/3608-115-0x0000000002350000-0x000000000241F000-memory.dmp

    Filesize

    828KB