cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072
Size

801KB
Sample

211208-nrs1lscgf2
MD5

3a29becaaebc1b54fb0ab3ff2ff67d9f
SHA1

75e1282e351a1a742ba08b3802ab2a99664ba8aa
SHA256

cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072
SHA512

d4cc7732cdd097216f11557786604ead58958f19a6ba5b2ccb6a839c2bbe67755d9a633eb885ed8e94f729b1465954cf9c77c6fc80c276a31a6f9922a232bff3

Score

10^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072.exe

Resource

win10-en-20211014

persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://haohm.502ok.com/hm

Targets

- Target
  
  cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072
- Size
  
  801KB
- MD5
  
  3a29becaaebc1b54fb0ab3ff2ff67d9f
- SHA1
  
  75e1282e351a1a742ba08b3802ab2a99664ba8aa
- SHA256
  
  cbc8f0215f9f14b78f221528abe36567a1b05a2a92dd4b7d5eff4e47c44b3072
- SHA512
  
  d4cc7732cdd097216f11557786604ead58958f19a6ba5b2ccb6a839c2bbe67755d9a633eb885ed8e94f729b1465954cf9c77c6fc80c276a31a6f9922a232bff3
Score

10^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy