Resubmissions
  13-05-2022 06:14  220513-gzaqnscgb9  Score: 10

Analysis
  max time kernel:   144s
  max time network:  146s
  platform:          windows10-2004_x64
  resource:          win10v2004-20220414-en
  submitted:         13-05-2022 06:14

Tasks
  Static task:      static1
  Behavioral task:  behavioral1
    Sample:    04690a6fb91bce90cf1cb0508b80c9eaebdf587515ced649c88005992369107a.exe
    Resource:  win7-20220414-en
    Platform:  windows7_x64
    0 signatures, 0 seconds
General
  Target:  04690a6fb91bce90cf1cb0508b80c9eaebdf587515ced649c88005992369107a.exe
  Size:    1.2MB
  MD5:     7873656c7b07aa7b0123fff8f886cb5a
  SHA1:    f4c3c985742803e34a64a468217fcc577d1f94ae
  SHA256:  04690a6fb91bce90cf1cb0508b80c9eaebdf587515ced649c88005992369107a
  SHA512:  02335e1c0d1a6bf125caaa46602a35bcce523c4e41ab31bcb1dec1b42d1ccd754b782b382b7c3dab0abfea49b68a880ad5bc74d2b42510457688828dbbb159cc
Malware Config

Extracted
  Family:  dridex
  Botnet:  10111
  C2:
    77.220.64.135:443
    153.126.165.175:6601
    210.65.244.183:8443
  rc4.plain
  rc4.plain
Signatures

Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.

  Processes: 04690a6fb91bce90cf1cb0508b80c9eaebdf587515ced649c88005992369107a.exe

  description        ioc                                                                                      process
  Key value queried  \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA  04690a6fb91bce90cf1cb0508b80c9eaebdf587515ced649c88005992369107a.exe