Analysis
max time kernel: 106s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 02-05-2022 00:13
Static task
static1
Behavioral task
behavioral1
Sample
412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54.exe
Size: 450KB
MD5: 4ec71b3e86b5f61b54d6516d90cc0f41
SHA1: fef8c687dc109dfb662ada733bca5b0bb518ab6e
SHA256: 412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54
SHA512: d68d32c9fc234dded9b5a172e5e024aeac6c48297704db51ba1623a3f18d01c8aa6776f3309055bf9bb13727c74669ef9a097e9216a32bbc6760dd80f78dfff1
Malware Config
Extracted
Family: dridex
Botnet: 10111
C2:
5.9.178.143:443
185.230.161.62:3389
2.58.16.89:8443
rc4.plain
rc4.plain
Signatures
Processes:
resource: behavioral2/memory/4360-131-0x0000000000400000-0x0000000000473000-memory.dmp
yara_rule: dridex_ldr_dmod