Overview

overview

7

Static

static

1

dridex

windows10_x64

7

Analysis

  • max time kernel
    82s
  • max time network
    155s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    26-09-2021 21:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7fb1b1471a46be066bd204e06324fe3ac55fc54e063495b445cca45fa94e1b41.exe

  • Size

    78.1MB

  • MD5

    1dc4fa4bcaf02e995b86479c3f451145

  • SHA1

    19ff7979df5326052114bb0089379aa744548460

  • SHA256

    7fb1b1471a46be066bd204e06324fe3ac55fc54e063495b445cca45fa94e1b41

  • SHA512

    1a196a085a2a3602c904f69c776ee3e0f6a58002c830f8028858d5916e21b1f42e6ec21c116320aafd0956ac05f93a9866c3468e317289c5f814e12a77b6e112

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\7fb1b1471a46be066bd204e06324fe3ac55fc54e063495b445cca45fa94e1b41.exe
    "C:\Users\Admin\AppData\Local\Temp\7fb1b1471a46be066bd204e06324fe3ac55fc54e063495b445cca45fa94e1b41.exe"
    1⤵
    • Loads dropped DLL
    PID:3128

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsu63A8.tmp\INetC.dll
    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsu63A8.tmp\INetC.dll
    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsu63A8.tmp\System.dll
    MD5

    fccff8cb7a1067e23fd2e2b63971a8e1

    SHA1

    30e2a9e137c1223a78a0f7b0bf96a1c361976d91

    SHA256

    6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e

    SHA512

    f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsu63A8.tmp\nsDialogs.dll
    MD5

    1c8b2b40c642e8b5a5b3ff102796fb37

    SHA1

    3245f55afac50f775eb53fd6d14abb7fe523393d

    SHA256

    8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c

    SHA512

    4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57

    Download Submit