Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    04-10-2021 22:25

General

  • Target

    647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35.exe

  • Size

    32KB

  • MD5

    3629444779e7e4fb9a023cda4f1473c6

  • SHA1

    6dbc84ad7cd111eb34ef3c30186f5afc86304749

  • SHA256

    647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35

  • SHA512

    f74cc0f1e19be519b1c25039531eac401582d2afae520d4cd4e4dfb930e55f9dab1be812869acec2e830e03a586905d428f1ae550cb3a787e253d49568147c11

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35.exe
    "C:\Users\Admin\AppData\Local\Temp\647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2072

Network

MITRE ATT&CK Matrix


Downloads

  • memory/2072-115-0x0000000002B20000-0x0000000002B21000-memory.dmp
    Filesize

    4KB
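The hash fields, process list and memory-dump artifact name above are the kind of report data an analyst usually copies into tickets or IOC lists by hand, so a quick consistency check is worth having. The following Python is an added example written for this page, not part of the sandbox report or its tooling: it parses the `memory/<pid>-<index>-<start>-<end>-memory.dmp` name into PID and address range, confirms the range (0x2B20000 to 0x2B21000, i.e. 0x1000 bytes) matches the reported 4KB, and checks that every digest has the right length for its algorithm and that the target filename is the SHA256. The `REPORT` dictionary copies the values shown in the report; the tampered copy used at the end is constructed to show a failing check.

```python
import re
from dataclasses import dataclass

# Values copied from the report above (not invented).
REPORT = {
    "target": "647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35.exe",
    "md5": "3629444779e7e4fb9a023cda4f1473c6",
    "sha1": "6dbc84ad7cd111eb34ef3c30186f5afc86304749",
    "sha256": "647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35",
    "sha512": "f74cc0f1e19be519b1c25039531eac401582d2afae520d4cd4e4dfb930e55f9d"
              "ab1be812869acec2e830e03a586905d428f1ae550cb3a787e253d49568147c11",
    "processes": [2072],
    # (artifact name, reported filesize)
    "dumps": [("memory/2072-115-0x0000000002B20000-0x0000000002B21000-memory.dmp", "4KB")],
}

# Expected hex-digit count of each digest.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"^memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$"
)


@dataclass
class MemoryDump:
    pid: int
    index: int
    start: int
    end: int

    @property
    def size(self) -> int:
        """Byte length of the dumped region."""
        return self.end - self.start


def parse_dump_name(name: str) -> MemoryDump:
    """Split a memory-dump artifact name into PID, index and address range."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    pid, index, start, end = m.groups()
    return MemoryDump(int(pid), int(index), int(start, 16), int(end, 16))


def parse_size(text: str) -> int:
    """Convert a report size such as '4KB' or '32KB' to bytes (1KB = 1024)."""
    m = re.fullmatch(r"(\d+)\s*(B|KB|MB|GB)", text.strip().upper())
    if not m:
        raise ValueError(f"unrecognised size: {text}")
    units = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}
    return int(m.group(1)) * units[m.group(2)]


def check_report(report: dict) -> list[str]:
    """Return a list of inconsistencies; an empty list means the report is self-consistent."""
    findings = []

    # Each digest must be lowercase hex of the length its algorithm produces.
    for algo, n in HEX_LENGTHS.items():
        if not re.fullmatch(rf"[0-9a-f]{{{n}}}", report.get(algo, "")):
            findings.append(f"{algo} is not {n} lowercase hex chars")

    # Sandbox naming convention: the target is named after its SHA256.
    stem = report["target"].rsplit(".", 1)[0]
    if stem != report["sha256"]:
        findings.append("target name does not match sha256")

    # Each dump must belong to a listed process and its range must match the reported size.
    for name, size_text in report["dumps"]:
        dump = parse_dump_name(name)
        if dump.pid not in report["processes"]:
            findings.append(f"dump {name} references unknown PID {dump.pid}")
        if dump.size != parse_size(size_text):
            findings.append(
                f"dump {name} spans {dump.size} bytes but filesize says {size_text}"
            )
    return findings


if __name__ == "__main__":
    print("report:", check_report(REPORT) or "consistent")
    # Constructed tampered copy: one hex digit dropped from the MD5.
    tampered = dict(REPORT, md5=REPORT["md5"][:-1])
    print("tampered:", check_report(tampered))
```

The size check is the useful one in practice: a region whose address span does not match the dump's size usually means a truncated or mislabelled artifact, which matters before you hand the dump to a string or config extractor.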