Analysis
max time kernel: 117s
max time network: 145s
platform: windows7_x64
resource: win7-en-20211208
submitted: 21-01-2022 23:17
Static task: static1
Behavioral task: behavioral1
Sample: b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de.exe
Resource: win7-en-20211208 (windows7_x64)
0 signatures
0 seconds
General
Target: b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de.exe
Size: 208KB
MD5: d5c5ea1d436275aabfe0627c3db55243
SHA1: 24cbe40ffc34984ed6ce2a3304efde961fadaba0
SHA256: b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de
SHA512: d4937b6dc812bb6c52bace95d8a18d1100bdc74d6db5385a3fa0cfc156ae315d49c4e71d4e5fa1355cba15a54c17b1c14e2f70f7aef302abcdc7500cded8e021
Malware Config
Extracted
Family: dridex
Botnet: 40400
C2:
59.148.253.194:443
207.180.230.218:3389
2.58.16.87:8443
rc4.plain
rc4.plain
Signatures
Processes:
resource: behavioral1/memory/948-55-0x0000000010000000-0x0000000010034000-memory.dmp
yara_rule: dridex_ldr_dmod