Overview (overview): 10
Static (static)
URLScan (urlscan)
https://hilltop2exit... windows7_x64: 1
https://hilltop2exit... windows7_x64: 1
https://hilltop2exit... windows7_x64: 1
https://hilltop2exit... windows11_x64: 6
https://hilltop2exit... windows10_x64: 10
https://hilltop2exit... windows10_x64: 10
https://hilltop2exit... windows10_x64: 10
General
Static task
static1
URLScan task
urlscan1
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Behavioral task
behavioral1
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win7-ja-20211014
Behavioral task
behavioral2
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win7-en-20211014
Behavioral task
behavioral3
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win7-de-20210920
Behavioral task
behavioral4
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win11
Behavioral task
behavioral5
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win10-ja-20211014
Behavioral task
behavioral6
Sample
https://hilltop2exit.xyz/kjlfkvd82d
Resource
win10-en-20210920
Malware Config
Extracted
dridex
10111
37.48.124.102:9676
84.33.2.126:6225
188.40.33.77:8194
Targets
Target
https://hilltop2exit.xyz/kjlfkvd82d
Registers COM server for autorun
Blocklisted process makes network request
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.