Analysis
-
max time kernel
42s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
29-06-2022 10:28
General
-
Target
02c74ae576e11a6a29210f6885226f89dab917a5fb373b70dbd4587398c84042.exe
-
Size
1.4MB
-
MD5
65aa1ef0fcf244ed35cbf6156068d875
-
SHA1
2cebd5ac679954f6a2009ffb41502d050a312025
-
SHA256
02c74ae576e11a6a29210f6885226f89dab917a5fb373b70dbd4587398c84042
-
SHA512
e7e7cda5a4c5b44de9ea4c9c08430b435d078d6683f4c363477cafb4c0f196a8394a9c779a334b02a76b2339b2efeadabdb592e8e48d2a355a9e65086a82da04
Score
10/10
Malware Config
Extracted
Family
dridex
Botnet
10111
C2
157.7.166.26:5353
162.144.127.197:3786
46.22.57.17:5037
rc4.plain
rc4.plain
Signatures
-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\02c74ae576e11a6a29210f6885226f89dab917a5fb373b70dbd4587398c84042.exe"C:\Users\Admin\AppData\Local\Temp\02c74ae576e11a6a29210f6885226f89dab917a5fb373b70dbd4587398c84042.exe"1⤵
- Checks whether UAC is enabled
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1756-54-0x00000000750C1000-0x00000000750C3000-memory.dmpFilesize
8KB
-
memory/1756-55-0x00000000001B0000-0x00000000001EC000-memory.dmpFilesize
240KB
-
memory/1756-56-0x0000000000400000-0x0000000000569000-memory.dmpFilesize
1.4MB
-
memory/1756-57-0x0000000000400000-0x0000000000569000-memory.dmpFilesize
1.4MB