General

  • Target

    3f12c1395b2e8e5c4637d255999a64a6376344be3f7e3fee3bbb6d24e4898959

  • Size

    4.8MB

  • Sample

    211014-fek58sgba4

  • MD5

    01d6c28aa5f84d22b4e2fee2ba3b29ed

  • SHA1

    d318f58428cf76a931cfbd580ee07c2ff26f4c8a

  • SHA256

    3f12c1395b2e8e5c4637d255999a64a6376344be3f7e3fee3bbb6d24e4898959

  • SHA512

    b3fedfb2adaaafb818f6ee21551f8f9e03c838b95dc6318dcc095a73c1e777d4e5b07ff76878db1dda5352723c882ece1590a15a596966afb009d39d98ef226e

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution: Scheduled Task (1), T1053

  • Persistence: Scheduled Task (1), T1053

  • Privilege Escalation: Scheduled Task (1), T1053

Tasks