Analysis
max time kernel: 144s
max time network: 149s
platform: windows10_x64
resource: win10-en-20211104
submitted: 06-12-2021 06:33
Static task: static1
Behavioral task: behavioral1
Sample: ada221efca37a367af3fd2737f631950.exe
Resource: win7-en-20211014 (windows7_x64)
0 signatures, 0 seconds
General
Target: ada221efca37a367af3fd2737f631950.exe
Size: 975KB
MD5: ada221efca37a367af3fd2737f631950
SHA1: 947d791982e89ef034b41d15e623b83067bcfd97
SHA256: 8fe046c2fb961ded114076c5dfcbd8459a82baad6fbad34c04a08b920ee6290a
SHA512: b70cc6f694a6a837651f81bed82dc2d698b6a0699f6483e347cb249c2fee6d495be29df845f05771c507f1b7230f744a21eef9c965d376f254d27593a3ee6b1b
Malware Config (Extracted)
Family: dridex
Botnet: 10111
C2:
  186.250.48.117:443
  92.240.254.110:6602
  81.223.127.86:10172
  86.49.161.18:9043
Keys: rc4.plain, rc4.plain (two RC4 key entries are listed; the key material itself is not shown in this report)
Signatures
Checks installed software on the system (1 TTP)
Looks up Uninstall key entries in the registry to enumerate software on the system.

Processes:
description: Key value queried
ioc: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
process: ada221efca37a367af3fd2737f631950.exe

Note: the single registry IOC recorded under this signature is EnableLUA, the value that controls whether User Account Control is enabled, rather than an entry under the Uninstall key; no Uninstall-key read is itself listed in the report.