Analysis
max time kernel: 134s
max time network: 170s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 11-06-2022 17:06
Static task
static1
Behavioral task
behavioral1
Sample
v2x2vexx.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: v2x2vexx.dll
Size: 638KB
MD5: e5a1785a5b06c596107a75eb1e51454b
SHA1: 3e44a3cb67613f11aae1f9189cbd9ea100d3a1f2
SHA256: 905960957f03c7a56deaee448ac8fff59f7aad97619ee5a98eb220b9cebee849
SHA512: b046c5a02446652df5271b97b3785ba6d5e593cc639388f3c22e4c3ef9ecf2fab3fc08c761e9c167e8840aa12fcdfa9a978d9409e165890306a64d987e7c373f
Malware Config
Extracted
Family: dridex
Botnet: 10444
C2:
193.37.215.79:443
81.2.235.131:1688
178.63.156.139:3388
rc4.plain
rc4.plain
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description                        pid    process         target process
PID 3308 wrote to memory of 3660   3308   rundll32.exe    rundll32.exe
PID 3308 wrote to memory of 3660   3308   rundll32.exe    rundll32.exe
PID 3308 wrote to memory of 3660   3308   rundll32.exe    rundll32.exe