Overview

overview

7

Static

static

dridex

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa51fb36496f61ab045d01c8cbb0635b78f0febe26f7d198a44565fe4c8f3620

  • Size

    404KB

  • Sample

    211101-j7hglaeadk

  • MD5

    ca4638bbbf18f1995a930a1a492c3949

  • SHA1

    ec7b8b14a98b384bc6080190c1b19c60512fe0d5

  • SHA256

    fa51fb36496f61ab045d01c8cbb0635b78f0febe26f7d198a44565fe4c8f3620

  • SHA512

    1942f4be0938c5504a6d91d0bd39812d40dfd3288cfeb39ee51969c4923e2f14faee4d776376f9447a84756fef2ad6adaa1ed05f64237404c6fbedcdb37eb9cb

Score
7/10
microsoftphishing

Malware Config

Targets

    • Target

      fa51fb36496f61ab045d01c8cbb0635b78f0febe26f7d198a44565fe4c8f3620

    • Size

      404KB

    • MD5

      ca4638bbbf18f1995a930a1a492c3949

    • SHA1

      ec7b8b14a98b384bc6080190c1b19c60512fe0d5

    • SHA256

      fa51fb36496f61ab045d01c8cbb0635b78f0febe26f7d198a44565fe4c8f3620

    • SHA512

      1942f4be0938c5504a6d91d0bd39812d40dfd3288cfeb39ee51969c4923e2f14faee4d776376f9447a84756fef2ad6adaa1ed05f64237404c6fbedcdb37eb9cb

    Score
    7/10
    microsoftphishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks