Analysis
  max time kernel: 120s
  max time network: 120s
  platform: windows7_x64
  resource: win7-ja-20211014
  submitted: 01-12-2021 01:28

Static task
  static1

Behavioral task
  behavioral1
    Sample: c45i3.exe
    Resource: win7-ja-20211014

Behavioral task
  behavioral2
    Sample: c45i3.exe
    Resource: win7-en-20211104

Behavioral task
  behavioral3
    Sample: c45i3.exe
    Resource: win10-ja-20211014
General
  Target: c45i3.exe
  Size: 975KB
  MD5: f219b020c4af28acaaa29ab11d03b759
  SHA1: 2da3d0170cbfc790cd82a4f79119261da141c7e4
  SHA256: 615b16ee9b1b7be56e000f4fb0835f7b0ac8d0ced27396929ab2c2e47489ce64
  SHA512: ccad5672bb0bb1e7b4e462025f621662219c868e5643546f5ab9f9e25a6fa657ec3827c6d5a87818132079fb19e5e01a8b7345973d3182c39af01ff1ea8edda3
Malware Config
  Extracted: dridex
    10111
    186.250.48.117:443
    92.240.254.110:6602
    81.223.127.86:10172
    86.49.161.18:9043
Signatures
  Checks installed software on the system (1 TTP)
    Looks up Uninstall key entries in the registry to enumerate software on the system.

  Processes:
    c45i3.exe
      description: Key value queried
      ioc: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
      process: c45i3.exe