31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1 | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10_x64

8

Sharing

General

Target

31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
Size

950KB
Sample

211216-xzjataddhq
MD5

48fa43c77f5335a1767851f173e2a2b5
SHA1

b8175d4e335f44fd8ee65002087ccafea89fabe8
SHA256

31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
SHA512

0e6ad438e968ac1ac9bb0edaa0ab46705c1a22b94a34e5465c69d4ab2325adf0b3c787ccfb32c4088b92fd9a585edbeef121f3c0f549e6dde0242104b69791ea

Score

8^/10

agilenet

Static task

static1

Behavioral task

behavioral1

Sample

31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
- Size
  
  950KB
- MD5
  
  48fa43c77f5335a1767851f173e2a2b5
- SHA1
  
  b8175d4e335f44fd8ee65002087ccafea89fabe8
- SHA256
  
  31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
- SHA512
  
  0e6ad438e968ac1ac9bb0edaa0ab46705c1a22b94a34e5465c69d4ab2325adf0b3c787ccfb32c4088b92fd9a585edbeef121f3c0f549e6dde0242104b69791ea
Score

8^/10

agilenet
- Executes dropped EXE
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy