Overview

overview

10

Static

static

10

dridex

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4ef90b24b4674cd6914181ff64e47d9a31069412cb41ffb60dfcf1c0f491dd74

  • Size

    164KB

  • Sample

    220218-n14hpscea4

  • MD5

    a73bd7a7d57c7132fab130836c4e1bf3

  • SHA1

    be5a57900b99030c1edda051f47ac7b71d5a4402

  • SHA256

    4ef90b24b4674cd6914181ff64e47d9a31069412cb41ffb60dfcf1c0f491dd74

  • SHA512

    6470654f2dcf22bcbf38d293f08545de4660ea2f66dc180523c5b2ebf1e664b2f93756b62f665c3d30f923eb0efcc4f5025bb7f27bd2d4420fda3128238ba20a

Score
10/10
xloaderahc8rat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ahc8

Decoy

192451.com

wwwripostes.net

sirikhalsalaw.com

bitterbaybay.com

stella-scrubs.com

almanecermezcal.com

goodgood.online

translate-now.online

sincerefilm.com

quadrantforensics.com

johnfrenchart.com

plick-click.com

alnileen.com

tghi.xyz

172711.com

maymakita.com

punnyaseva.com

ukash-online.com

sho-yururi-blog.com

hebergement-solidaire.com

Targets

    • Target

      4ef90b24b4674cd6914181ff64e47d9a31069412cb41ffb60dfcf1c0f491dd74

    • Size

      164KB

    • MD5

      a73bd7a7d57c7132fab130836c4e1bf3

    • SHA1

      be5a57900b99030c1edda051f47ac7b71d5a4402

    • SHA256

      4ef90b24b4674cd6914181ff64e47d9a31069412cb41ffb60dfcf1c0f491dd74

    • SHA512

      6470654f2dcf22bcbf38d293f08545de4660ea2f66dc180523c5b2ebf1e664b2f93756b62f665c3d30f923eb0efcc4f5025bb7f27bd2d4420fda3128238ba20a

    Score
    4/10
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks