General

  • Target: 35ddf428695769bb87459e0848cfae7eb62a86c91c8bb33a2caa23c5fbc43b73
  • Size: 629KB
  • Sample: 220704-w3abmsafdj
  • MD5: 6adcad993626f90d1efcbb797c6fc63f
  • SHA1: 7a98b02cf27bb92ff397de5b5554ab17426edfe9
  • SHA256: 35ddf428695769bb87459e0848cfae7eb62a86c91c8bb33a2caa23c5fbc43b73
  • SHA512: 9cf09f841b0f56be7590af0ea43b145df5ba8e20d31ca2fefe234ae1a2ceba5f4a1f950468a566d970a13516172aa3275e39399179e2f0e78b79bf38bbe50015

Score: 10/10

Malware Config

Extracted

  • Family: xloader
  • Version: 2.8
  • Campaign: nn40
  • Decoy (encoded decoy domain entries as extracted from the sample's config):
    LYAg0yANOGEAGeaFOrA/
    MQWuERZplP+VZy/uszI=
    CF0oDN0JimIaGy/uszI=
    ltJnyC+ReohYaiTvj1qbEA==
    B9OkgdctVKBAFjSUaw==
    sbDVwSZVVqVB11/deow8GA==
    v1gHDe0pzno=
    i+/0n2vHUfGPR98k77tukZ90MQ==
    SUtCnbS96Qm21g==
    8X9qzyt1dpAo31jXrXfKb49fBPY=
    5KlPxqHzSstuFjSUaw==
    0r/Kesv/zuanroxvNQW0Gm8=
    FFgS7kfPYAqpdhhgRgnBJHY=
    LgusAHrkrIoWr0FWIe2o/04UXPw=
    vBq9Gvxa9wbKbS/uszI=
    Z+q6HAZNNeqwwQ==
    wbS4fMb06SjU5Kbseow8GA==
    1mZEuZvJ/m0L9bof56PkkZ90MQ==
    JCJIM74lHk/o+tiFOrA/
    d14FrM8rGEgIzVkT67+3XaEh

Targets

    Score: 10/10

    Signatures
    • Xloader: Xloader is a rebranded version of Formbook malware.
    • Xloader Payload
    • Suspicious use of SetThreadContext
