Analysis
max time kernel: 31s
max time network: 44s
platform: windows7_x64
resource: win7-20220715-en
resource tags: arch:x64, arch:x86, image:win7-20220715-en, locale:en-us, os:windows7-x64, system
submitted: 25-07-2022 16:38
Static task: static1
Behavioral task: behavioral1
Sample: 553cebfb4f6aab50390207ec9d0370edad33d7c7ac99d32b12481d4f452ebb77.exe
Resource: win7-20220715-en (windows7-x64), 3 signatures, 150 seconds
General
Target: 553cebfb4f6aab50390207ec9d0370edad33d7c7ac99d32b12481d4f452ebb77.exe
Size: 344KB
MD5: 1eb9fe6bed911288e1e184b838cab440
SHA1: ace940ecdb5f34ac018930ae7e9ff14333c6fbcf
SHA256: 553cebfb4f6aab50390207ec9d0370edad33d7c7ac99d32b12481d4f452ebb77
SHA512: 6aa7aa4c00b997d6e1a1fc33deb72e596cf62830260feaca628c675464266c62d55b2f4a31596ff3da0b0dafd503bbd7f68a5bf7c9daa63b8e571ed540c78b9f
Malware Config
Extracted
Family
dridex
C2
184.106.153.73:443
88.220.65.41:3389
66.228.47.181:443
198.199.106.229:5900
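The four C2 endpoints above sit on ports normally associated with HTTPS (443), RDP (3389) and VNC (5900), so the port alone is not a useful signal; the IP:port pair is the indicator, and a connection to one of these IPs on a different port is still worth a lower-confidence alert because the port can differ between configs. The script below is an added example, not part of the report or of any sandbox tooling: it parses the Malware Config block into a lookup table and scans constructed firewall log lines (the log format and the sample lines are assumptions, not data from the report) for exact and IP-only matches.

```python
import ipaddress
import re
from dataclasses import dataclass

# C2 endpoints exactly as listed in the report's "Malware Config" block (family: dridex).
REPORT_C2 = """
184.106.153.73:443
88.220.65.41:3389
66.228.47.181:443
198.199.106.229:5900
"""

# Constructed sample firewall log lines; the format (src=/dst= key-value pairs)
# is an assumption for this example and the traffic is not from the report.
SAMPLE_LOGS = [
    "2022-07-25T16:40:01Z fw allow src=10.0.0.12:49812 dst=184.106.153.73:443 proto=tcp",
    "2022-07-25T16:40:03Z fw allow src=10.0.0.12:49813 dst=93.184.216.34:443 proto=tcp",
    "2022-07-25T16:40:09Z fw allow src=10.0.0.15:50112 dst=88.220.65.41:8443 proto=tcp",
    "2022-07-25T16:40:11Z fw deny  src=10.0.0.15:50113 dst=198.199.106.229:5900 proto=tcp",
]

ENDPOINT_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})")
DST_RE = re.compile(r"\bdst=(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


@dataclass(frozen=True)
class Hit:
    line: str
    ip: str
    port: int
    exact: bool  # True when both IP and port match a configured C2 endpoint


def parse_c2(block: str) -> dict[str, set[int]]:
    """Turn 'ip:port' lines into {ip: {ports}}; lines that are not ip:port are skipped."""
    c2: dict[str, set[int]] = {}
    for raw in block.splitlines():
        m = ENDPOINT_RE.fullmatch(raw.strip())
        if not m:
            continue
        ip, port = m.group(1), int(m.group(2))
        ipaddress.ip_address(ip)  # rejects malformed octets such as 300.1.1.1
        if not 0 < port < 65536:
            raise ValueError(f"port out of range in C2 entry: {raw!r}")
        c2.setdefault(ip, set()).add(port)
    return c2


def scan_logs(lines: list[str], c2: dict[str, set[int]]) -> list[Hit]:
    """Return one Hit per destination that touches a C2 IP.

    exact=True means IP and port both matched the extracted config; exact=False
    means the IP matched on another port and should be treated as lower confidence.
    """
    hits: list[Hit] = []
    for line in lines:
        for m in DST_RE.finditer(line):
            ip, port = m.group(1), int(m.group(2))
            if ip in c2:
                hits.append(Hit(line, ip, port, port in c2[ip]))
    return hits


if __name__ == "__main__":
    table = parse_c2(REPORT_C2)
    for h in scan_logs(SAMPLE_LOGS, table):
        level = "HIGH" if h.exact else "MEDIUM"
        print(f"[{level}] {h.ip}:{h.port} <- {h.line}")
```

Only destination addresses are checked because the C2 list describes where the loader connects out to; matching `src=` as well would flag return traffic twice. The IP-only match is kept separate rather than dropped, since a Dridex config update can move a node to a different port while the hosting IP stays the same.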
Signatures
Processes:
resource: behavioral1/memory/1972-55-0x0000000001220000-0x0000000001277000-memory.dmp
yara_rule: dridex_ldr
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
Processes:
pid: 1972
process: 553cebfb4f6aab50390207ec9d0370edad33d7c7ac99d32b12481d4f452ebb77.exe