General

Malware Config

Signatures

Files

• Dridex_6e02b72b5dcec24da59a2cefea83d4b60bb28a8d20f878b2017794c2c71d45b6.zip

  .zip

  Password: test1234

• Dridex_6e02b72b5dcec24da59a2cefea83d4b60bb28a8d20f878b2017794c2c71d45b6.bin

  .exe windows x86

  Password: test1234

  7f0b3dfdfcffd516c54171c97b1cdf54

  
  

  Code Sign

  16:74:9f:31:4a:5c:ea:a4:42:7e:97:ba:73:37:11:c2

  Certificate

  Issuer

  CN=GVUJCLSMABNKUIFFSQ

  Not Before

  01-05-2020 16:58

  Not After

  31-12-2039 23:59

  Subject

  CN=GVUJCLSMABNKUIFFSQ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b

  Certificate

  Issuer

  CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

  Not Before

  07-06-2005 08:09

  Not After

  30-05-2020 10:48

  Subject

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  27-04-2011 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49

  Certificate

  Issuer

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  02-05-2019 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  c1:7d:11:28:a3:90:e2:46:cb:18:42:9f:45:68:06:fc:e5:7a:6d:99

  Signer

  Actual PE Digest

  c1:7d:11:28:a3:90:e2:46:cb:18:42:9f:45:68:06:fc:e5:7a:6d:99

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=GVUJCLSMABNKUIFFSQ

  05-05-2020 11:57

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetPriorityClass

  WaitForMultipleObjects

  Sleep

  GetSystemDefaultLangID

  GetUserDefaultLangID

  AreFileApisANSI

  FileTimeToLocalFileTime

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  GetProcessTimes

  OpenEventW

  OpenFileMappingW

  MapViewOfFile

  UnmapViewOfFile

  SetProcessAffinityMask

  GetStdHandle

  GetSystemTimeAsFileTime

  FileTimeToDosDateTime

  GlobalMemoryStatus

  GetSystemInfo

  lstrlenW

  lstrcatW

  CompareFileTime

  GetCurrentProcess

  GetDiskFreeSpaceW

  GetDriveTypeW

  GetFileInformationByHandle

  SetEndOfFile

  WriteFile

  ReadFile

  DeviceIoControl

  SetFilePointer

  GetFileSize

  GetLogicalDriveStringsW

  VirtualAlloc

  VirtualFree

  WaitForSingleObject

  CreateEventW

  SetEvent

  InitializeCriticalSection

  LoadLibraryA

  GetVersionExW

  FileTimeToSystemTime

  GetCommandLineW

  GetStartupInfoA

  GetTempPathW

  GetFileAttributesW

  GetModuleHandleA

  FindNextFileW

  FindFirstFileW

  FindClose

  GetCurrentThreadId

  GetTickCount

  GetCurrentDirectoryW

  SetCurrentDirectoryW

  SetLastError

  DeleteFileW

  CreateDirectoryW

  GetModuleHandleW

  GetProcAddress

  MoveFileW

  RemoveDirectoryW

  SetFileAttributesW

  CreateFileW

  SetFileTime

  CloseHandle

  FormatMessageW

  LocalFree

  GetModuleFileNameW

  LoadLibraryW

  LoadLibraryExW

  FreeLibrary

  WideCharToMultiByte

  MultiByteToWideChar

  GetLastError

  GetCurrentProcessId

  lstrcpynA

  OpenWaitableTimerW

  GetConsoleAliasW

  FindAtomA

  GetProcessHeaps

  QueryDosDeviceA

  GetFileAttributesExA

  GetVolumeInformationW

  GetTempFileNameW

  GetCompressedFileSizeA

  GetCommTimeouts

  CommConfigDialogW

  GetTimeFormatW

  GetConsoleCP

  OpenSemaphoreW

  SetSystemTime

  EnumTimeFormatsW

  GetOEMCP

  EnumLanguageGroupLocalesW

  GetProcessPriorityBoost

  _lopen

  VerifyVersionInfoW

  LockFile

  UnlockFile

  MoveFileA

  GetVolumeInformationA

  GetStringTypeExA

  GetThreadLocale

  GetShortPathNameA

  LocalFileTimeToFileTime

  SystemTimeToFileTime

  SetErrorMode

  InterlockedExchange

  RtlUnwind

  SetEnvironmentVariableA

  SetCurrentDirectoryA

  HeapReAlloc

  HeapAlloc

  HeapFree

  CreateDirectoryA

  GetDriveTypeA

  GetTimeZoneInformation

  GetSystemTime

  GetLocalTime

  RaiseException

  GetCommandLineA

  ExitProcess

  TerminateProcess

  CreateThread

  ExitThread

  HeapSize

  FlushFileBuffers

  LCMapStringA

  LCMapStringW

  CompareStringA

  CompareStringW

  IsBadWritePtr

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  SetHandleCount

  GetFileType

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  GetStringTypeA

  GetStringTypeW

  IsValidLocale

  IsValidCodePage

  GetLocaleInfoA

  EnumSystemLocalesA

  GetUserDefaultLCID

  IsBadReadPtr

  IsBadCodePtr

  SetStdHandle

  SetConsoleCtrlHandler

  GetLocaleInfoW

  CreateFileA

  GetProfileStringA

  DuplicateHandle

  GetCurrentDirectoryA

  SizeofResource

  GetCPInfo

  GetProcessVersion

  TlsGetValue

  LocalReAlloc

  TlsSetValue

  GlobalReAlloc

  TlsFree

  GlobalHandle

  TlsAlloc

  LocalAlloc

  GlobalFlags

  MulDiv

  GlobalSize

  GetDiskFreeSpaceA

  GetFileTime

  GetFullPathNameA

  GetTempFileNameA

  GetFileAttributesA

  WritePrivateProfileStringA

  GetPrivateProfileStringA

  GetPrivateProfileIntA

  CreateEventA

  SuspendThread

  SetThreadPriority

  ResumeThread

  GetModuleFileNameA

  GlobalAlloc

  lstrcmpA

  GetCurrentThread

  GlobalFree

  FindResourceA

  LoadResource

  LockResource

  lstrcmpiA

  GlobalFindAtomA

  GlobalDeleteAtom

  lstrcatA

  lstrcpyA

  GlobalGetAtomNameA

  GlobalAddAtomA

  GetVersion

  GlobalLock

  GlobalUnlock

  FormatMessageA

  lstrlenA

  InterlockedDecrement

  InterlockedIncrement

  CreateMutexA

  ReleaseMutex

  CreateProcessA

  CopyFileA

  FindFirstFileA

  DeleteFileA

  FindNextFileA

  RemoveDirectoryA

  SetFileAttributesA

  GetVersionExA

  GetACP

  SetUnhandledExceptionFilter

  FatalAppExitA

  user32

  LoadCursorW

  SetCursor

  SetDlgItemTextW

  InvalidateRect

  GetParent

  LoadIconW

  SetTimer

  CheckDlgButton

  IsDlgButtonChecked

  SetWindowTextW

  EndDialog

  MessageBoxW

  DialogBoxParamW

  KillTimer

  GetWindowLongW

  ShowWindow

  MoveWindow

  ScreenToClient

  GetDlgItem

  GetWindowRect

  MapDialogRect

  SystemParametersInfoW

  GetWindowTextLengthW

  GetWindowTextW

  SendMessageW

  LoadStringW

  CharUpperW

  IsWindowEnabled

  GetFocus

  SetFocus

  GetKeyState

  PostMessageW

  EnableWindow

  SetWindowLongW

  GetClassLongA

  DrawFrame

  GetCursorInfo

  RegisterWindowMessageW

  SetMenuItemBitmaps

  ChangeDisplaySettingsA

  IMPGetIMEW

  AdjustWindowRect

  GetCursorPos

  GetCursor

  InsertMenuA

  GetMonitorInfoA

  SetWindowsHookW

  DrawFrameControl

  LoadAcceleratorsA

  GetScrollRange

  LoadMenuW

  GetClipboardSequenceNumber

  CharNextA

  GetScrollInfo

  RegisterClassA

  SetCaretBlinkTime

  RegisterClipboardFormatA

  CreateDesktopA

  RegisterWindowMessageA

  EqualRect

  GetKeyNameTextA

  SystemParametersInfoA

  DdeGetLastError

  EndDeferWindowPos

  GetLastActivePopup

  SendDlgItemMessageA

  CloseClipboard

  DrawMenuBar

  GetClassInfoExW

  AppendMenuA

  GetWindowDC

  DdeSetUserHandle

  DeferWindowPos

  MonitorFromRect

  BeginPaint

  EndPaint

  TabbedTextOutA

  DrawTextA

  GrayStringA

  GetDialogBaseUnits

  DeleteMenu

  DestroyIcon

  CharUpperA

  GetSysColor

  DispatchMessageA

  AdjustWindowRectEx

  GetClientRect

  BeginDeferWindowPos

  ScrollWindow

  SetScrollInfo

  ShowScrollBar

  SetScrollRange

  SetScrollPos

  GetTopWindow

  MessageBoxA

  IsChild

  TrackPopupMenu

  SetWindowPlacement

  DestroyWindow

  CreateWindowExA

  SetWindowsHookExA

  CallNextHookEx

  SetPropA

  UnhookWindowsHookEx

  GetPropA

  CallWindowProcA

  RemovePropA

  DefWindowProcA

  GetMessageTime

  GetMessagePos

  GetForegroundWindow

  SetForegroundWindow

  OffsetRect

  IntersectRect

  GetWindowPlacement

  GetDC

  GetClassNameA

  BringWindowToTop

  IsWindowVisible

  CopyRect

  SetWindowLongA

  wsprintfA

  SetWindowPos

  GetDlgCtrlID

  UpdateWindow

  GetMenuItemCount

  GetSubMenu

  GetMenuItemID

  UnpackDDElParam

  ReuseDDElParam

  SetActiveWindow

  WinHelpA

  SetMenu

  GetMenu

  LoadIconA

  GetClassInfoA

  LoadMenuA

  DestroyMenu

  CharToOemA

  OemToCharA

  GetWindowTextA

  UnregisterClassA

  HideCaret

  ShowCaret

  ExcludeUpdateRgn

  GetActiveWindow

  GetWindowLongA

  IsWindow

  GetDesktopWindow

  GetWindow

  SendMessageA

  PeekMessageA

  PostMessageA

  GetCapture

  ReleaseCapture

  TranslateAcceleratorA

  ReleaseDC

  GetSysColorBrush

  LoadCursorA

  wvsprintfA

  ClientToScreen

  GetSystemMetrics

  PtInRect

  SetRectEmpty

  RemoveMenu

  GetMenuStringA

  DrawFocusRect

  DefDlgProcA

  InflateRect

  IsWindowUnicode

  GetWindowTextLengthA

  LoadStringA

  GetMessageA

  TranslateMessage

  ValidateRect

  ShowOwnedPopups

  PostQuitMessage

  CreateDialogIndirectParamA

  GetMenuCheckMarkDimensions

  LoadBitmapA

  GetMenuState

  ModifyMenuA

  CheckMenuItem

  EnableMenuItem

  GetNextDlgTabItem

  SetWindowTextA

  IsDialogMessageA

  ScrollWindowEx

  SetDlgItemTextA

  SetDlgItemInt

  GetDlgItemTextA

  GetDlgItemInt

  CheckRadioButton

  IsIconic

  MapWindowPoints

  GetScrollPos

  CloseWindowStation

  IsCharUpperW

  IsGUIThread

  GetClipboardOwner

  EndMenu

  IsCharLowerA

  PaintDesktop

  GetInputState

  DestroyCursor

  IsCharAlphaA

  CharLowerW

  IsCharUpperA

  GetMessageExtraInfo

  GetDoubleClickTime

  GetListBoxInfo

  LoadCursorFromFileW

  GetClipboardViewer

  CreateMenu

  EnumClipboardFormats

  IsCharAlphaNumericA

  gdi32

  CreateFontIndirectW

  DeleteObject

  GetDeviceGammaRamp

  GetObjectA

  CheckColorsInGamut

  SetArcDirection

  SetColorAdjustment

  CreateSolidBrush

  SelectBrushLocal

  ExtCreateRegion

  GdiSetBatchLimit

  GdiConvertBitmapV5

  SetMetaRgn

  STROBJ_bGetAdvanceWidths

  GdiConvertDC

  CreatePatternBrush

  GetMiterLimit

  GetWinMetaFileBits

  SetBkMode

  SetPolyFillMode

  SetROP2

  SetStretchBltMode

  SetMapMode

  SetViewportOrgEx

  OffsetViewportOrgEx

  SetViewportExtEx

  ScaleViewportExtEx

  SetWindowOrgEx

  OffsetWindowOrgEx

  SetWindowExtEx

  ScaleWindowExtEx

  SelectClipRgn

  ExcludeClipRect

  IntersectClipRect

  OffsetClipRgn

  MoveToEx

  LineTo

  SetTextAlign

  SetTextJustification

  SetTextCharacterExtra

  SetMapperFlags

  GetCurrentPositionEx

  ArcTo

  PolyDraw

  SelectPalette

  PolyBezierTo

  GetClipRgn

  CreateRectRgn

  SelectClipPath

  ExtSelectClipRgn

  PlayMetaFileRecord

  GetObjectType

  EnumMetaFile

  PlayMetaFile

  GetViewportExtEx

  GetWindowExtEx

  CreatePen

  ExtCreatePen

  CreateHatchBrush

  CreateDIBPatternBrushPt

  PtVisible

  RectVisible

  TextOutA

  ExtTextOutA

  Escape

  GetTextExtentPoint32A

  GetTextMetricsA

  CreateFontIndirectA

  GetStockObject

  SelectObject

  RestoreDC

  SaveDC

  StartDocA

  DeleteDC

  GetDeviceCaps

  CreateDCA

  CopyMetaFileA

  CreateBitmap

  SetBkColor

  SetTextColor

  GetClipBox

  PolylineTo

  CreateDIBitmap

  PatBlt

  GetTextExtentPointA

  BitBlt

  CreateCompatibleDC

  GetDCOrgEx

  GetPixelFormat

  GetROP2

  GetDCPenColor

  GetColorSpace

  GetStretchBltMode

  AbortPath

  GetEnhMetaFileA

  GdiGetBatchLimit

  SwapBuffers

  GetDCBrushColor

  DeleteMetaFile

  FlattenPath

  CreateMetaFileW

  comdlg32

  CommDlgExtendedError

  GetOpenFileNameW

  GetOpenFileNameA

  GetSaveFileNameA

  GetFileTitleA

  advapi32

  RegOpenKeyExA

  LookupPrivilegeValueW

  OpenProcessToken

  RegQueryValueExA

  GetFileSecurityW

  SetFileSecurityW

  RegQueryValueExW

  RegSetValueExW

  RegDeleteValueW

  RegEnumKeyExW

  RegDeleteKeyW

  RegCloseKey

  RegOpenKeyExW

  RegCreateKeyExW

  AdjustTokenPrivileges

  RegOpenKeyA

  RegCreateKeyA

  RegSetValueA

  GetFileSecurityA

  SetFileSecurityA

  RegDeleteValueA

  RegDeleteKeyA

  RegEnumKeyA

  RegQueryValueA

  RegCreateKeyExA

  RegSetValueExA

  shell32

  SHGetPathFromIDListW

  SHBrowseForFolderW

  SHGetFileInfoW

  SHGetMalloc

  SHFileOperationA

  SHLoadInProc

  ExtractIconA

  DragAcceptFiles

  DragQueryFileA

  DragFinish

  SHGetSpecialFolderPathA

  SHGetFileInfoA

  ole32

  OleInitialize

  CoCreateInstance

  CoInitialize

  CoUninitialize

  WriteFmtUserTypeStg

  SetConvertStg

  CoTaskMemFree

  WriteClassStg

  CoTaskMemAlloc

  OleDuplicateData

  OleRegGetUserType

  ReadFmtUserTypeStg

  ReadClassStg

  StringFromCLSID

  CoTreatAsClass

  ReleaseStgMedium

  CoDisconnectObject

  CreateBindCtx

  shlwapi

  StrRChrIA

  StrStrW

  Sections

  .text

  Size: 184KB - Virtual size: 183KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 19KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ