1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10_x64

8

Sharing

General

Target

1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
Size

1.3MB
Sample

211107-3n5mkagcfk
MD5

c9ff2a16b15ad9dc97d2a54e3e145925
SHA1

b6fc9f62f45a9e0295452eb42a3f8f1831c59b49
SHA256

1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
SHA512

efefb67fb4f3de947fcc4fe536cccd0dcf7c4dd6792bdcf241984eda3a9b4500f6922e7d4a3789cbe8b2870e68589032528ac5d0e3f1e95295669aa985bec665

Score

8^/10

agilenet persistence

Static task

static1

Behavioral task

behavioral1

Sample

1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d.exe

Resource

win10-en-20211104

agilenet persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
- Size
  
  1.3MB
- MD5
  
  c9ff2a16b15ad9dc97d2a54e3e145925
- SHA1
  
  b6fc9f62f45a9e0295452eb42a3f8f1831c59b49
- SHA256
  
  1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
- SHA512
  
  efefb67fb4f3de947fcc4fe536cccd0dcf7c4dd6792bdcf241984eda3a9b4500f6922e7d4a3789cbe8b2870e68589032528ac5d0e3f1e95295669aa985bec665
Score

8^/10

agilenet persistence
- Executes dropped EXE
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agilenetpersistence

© 2018-2024

Terms | Privacy