ta505 | b02e02ff9b225ad1d2d295800005675fbf2dacd2899b5b939e1070aa2de623e1 | Triage

Submit
Reports

Overview

overview

Static

static

rtdt.dll

windows7_x64

rtdt.dll

windows10-2004_x64

Sharing

General

Target

rtdt.bin
Size

324KB
Sample

220320-pm3jxsbhg6
MD5

f1df801459853f42662c0f947518d3e7
SHA1

15e292ab8c863f2ba97244ed3f6cb226980580e9
SHA256

b02e02ff9b225ad1d2d295800005675fbf2dacd2899b5b939e1070aa2de623e1
SHA512

a06911c0e062dc0d6d8803ea4a0332ea8097839d03f3a382b104e78c82d57685aa199033c582936823115253a65f0883e4d0b76c8988d7319e5bed29f9618d13

Score

10^/10

ta505 upx

Static task

static1

Behavioral task

behavioral1

Sample

rtdt.dll

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

rtdt.dll

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  rtdt.bin
- Size
  
  324KB
- MD5
  
  f1df801459853f42662c0f947518d3e7
- SHA1
  
  15e292ab8c863f2ba97244ed3f6cb226980580e9
- SHA256
  
  b02e02ff9b225ad1d2d295800005675fbf2dacd2899b5b939e1070aa2de623e1
- SHA512
  
  a06911c0e062dc0d6d8803ea4a0332ea8097839d03f3a382b104e78c82d57685aa199033c582936823115253a65f0883e4d0b76c8988d7319e5bed29f9618d13
Score

10^/10

ta505 upx
- TA505
  Cybercrime group active since 2015, responsible for families like Dridex and Locky.
  ta505
- Blocklisted process makes network request
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy