Analysis
max time kernel: 98s
max time network: 125s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 02-05-2022 00:13
Static task
static1
Behavioral task
behavioral1
Sample
80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e.exe
Size: 450KB
MD5: ae6cf592a7918eeb32582e3320750a13
SHA1: 63885d7b3f4112823f9a4c64dc20022d29473e5c
SHA256: 80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e
SHA512: dd352a1c608ba5beb65b95b8a05394a34310450d44e187c8de4d1b5bc0d7144f38c95ff4cc59118915cad261922ff296cf26870c3555e5631e9b28bc7d0c6a6e
Malware Config
Extracted
Family: dridex
Botnet: 10111
C2:
5.9.178.143:443
185.230.161.62:3389
2.58.16.89:8443
rc4.plain
Signatures
Processes:
resource yara_rule behavioral2/memory/4796-131-0x0000000000400000-0x0000000000473000-memory.dmp dridex_ldr_dmod