Overview

overview

7

Static

static

dridex

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee072242f006e6a4cf6dbfef67cb492916d95437e65ca722855522d4fc1c3713

  • Size

    1.7MB

  • Sample

    210930-ed5mtagdcl

  • MD5

    1a40c2b76f2565656928b985135293d2

  • SHA1

    81e519c6df17c4151385441272c52ed190d565d3

  • SHA256

    ee072242f006e6a4cf6dbfef67cb492916d95437e65ca722855522d4fc1c3713

  • SHA512

    1b6a38f1d4a933f1ff39bb7cc2fb59f278acc77a716b462fa3a6dd4515e38b5d128d1c411f2d669dac37b24ee5503cc4e8392acd668e23ac71dadcdc6bdacefa

Score
7/10
microsoftphishing

Malware Config

Targets

    • Target

      ee072242f006e6a4cf6dbfef67cb492916d95437e65ca722855522d4fc1c3713

    • Size

      1.7MB

    • MD5

      1a40c2b76f2565656928b985135293d2

    • SHA1

      81e519c6df17c4151385441272c52ed190d565d3

    • SHA256

      ee072242f006e6a4cf6dbfef67cb492916d95437e65ca722855522d4fc1c3713

    • SHA512

      1b6a38f1d4a933f1ff39bb7cc2fb59f278acc77a716b462fa3a6dd4515e38b5d128d1c411f2d669dac37b24ee5503cc4e8392acd668e23ac71dadcdc6bdacefa

    Score
    7/10
    microsoftphishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks