Analysis
max time kernel: 28s
max time network: 52s
platform: windows7_x64
resource: win7-20220414-en
submitted: 12-05-2022 12:18
Static task
static1
Behavioral task
behavioral1
Sample
f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6.exe
Size: 738KB
MD5: e9a67d468109255b5ec498ae5a3a208f
SHA1: d12b135e79364468250b49e8e3cb20063dd8c2eb
SHA256: f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6
SHA512: 99f9b888c8d7d5bd6750d921c36af2c7d225029d80ea476166f0d8ba177683b11fc3a08bcd715caf0433c29bd83b029eb6575f86d4dcd55c1062b70d4c1d9cd5
Malware Config
Extracted
Family: dridex
Botnet: 10111
C2
5.9.178.143:443
185.230.161.62:3389
2.58.16.89:8443
rc4.plain
rc4.plain
Signatures
Processes:
resource: behavioral1/memory/1904-56-0x0000000000400000-0x00000000004BC000-memory.dmp
yara_rule: dridex_ldr_dmod