Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ca62c10b59ca3343d631a72986c8e1a25b72d98458e5a83b521ad10a421d0a3

  • Size

    4KB

  • Sample

    211023-m5373accf2

  • MD5

    847c99b897b29c8bf041efbb7a9d78f4

  • SHA1

    f9b6f05439aad623fe2c6a1f5ccd467463b26abc

  • SHA256

    6ca62c10b59ca3343d631a72986c8e1a25b72d98458e5a83b521ad10a421d0a3

  • SHA512

    e91443e81b7001c2f888465e036c67186fa7bac433e0d67571aeb9366435ef0e6fc3b4ad74789dc267d23f85f111ba7cd8942d376f9a3c65844ea12d47c6e285

Score
10/10
xmrigminer

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://cdn.discordapp.com/attachments/900932703254364161/901102801902526486/worker.exe

Targets

    • Target

      6ca62c10b59ca3343d631a72986c8e1a25b72d98458e5a83b521ad10a421d0a3

    • Size

      4KB

    • MD5

      847c99b897b29c8bf041efbb7a9d78f4

    • SHA1

      f9b6f05439aad623fe2c6a1f5ccd467463b26abc

    • SHA256

      6ca62c10b59ca3343d631a72986c8e1a25b72d98458e5a83b521ad10a421d0a3

    • SHA512

      e91443e81b7001c2f888465e036c67186fa7bac433e0d67571aeb9366435ef0e6fc3b4ad74789dc267d23f85f111ba7cd8942d376f9a3c65844ea12d47c6e285

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks