Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbf130705ed4de523fd2e38a6c64848af5d6e1ce6a268251e7b6d6e3f8089957

  • Size

    2.1MB

  • Sample

    211015-zvl71sccgk

  • MD5

    ea4b4ec80f45958158d072e1831f8ac7

  • SHA1

    6779946a2959078f21509f7b11e19b33435de555

  • SHA256

    fbf130705ed4de523fd2e38a6c64848af5d6e1ce6a268251e7b6d6e3f8089957

  • SHA512

    543441eedfbee6d83d449cac166a44a33946d47c98a7deb4fa25ba3b5e0a6f278ab2ee401e6871a3dd270a04c1e74e74f06c3a792f1d8fe44138c28384b2fa6e

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      fbf130705ed4de523fd2e38a6c64848af5d6e1ce6a268251e7b6d6e3f8089957

    • Size

      2.1MB

    • MD5

      ea4b4ec80f45958158d072e1831f8ac7

    • SHA1

      6779946a2959078f21509f7b11e19b33435de555

    • SHA256

      fbf130705ed4de523fd2e38a6c64848af5d6e1ce6a268251e7b6d6e3f8089957

    • SHA512

      543441eedfbee6d83d449cac166a44a33946d47c98a7deb4fa25ba3b5e0a6f278ab2ee401e6871a3dd270a04c1e74e74f06c3a792f1d8fe44138c28384b2fa6e

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks