5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb | Triage

Submit
Reports

Overview

overview

Static

static

5442de84e4...bb.exe

windows7-x64

5442de84e4...bb.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb.exe

Resource

win7-20220715-en

dridex botnet loader

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb.exe

Resource

win10v2004-20220721-en

dridex botnet loader

windows10-2004-x64

2 signatures

150 seconds

General

Target

5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb
Size

212KB
MD5

e0e75d4f8a64a6af9808f2e9211edbba
SHA1

a60b23fae639ee707510ff7b597dcb4c0def1e95
SHA256

5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb
SHA512

fb1a0c161299d62d83951d92179b6dfa7de7789e9f1c660324de2f3cf9e9e2fea1c40760041c707cc1284bf01d061571484547cfbc07cfc0522d31ca193aafd5
SSDEEP

3072:RQ8XtHhvc+rtYM9AcM7Lip5rsszsjwTvBaL2qCwwASSSSSdo4y+rBJ71KAym+8VC:RQ8XNtYB7LwTssm2qCwwlzJ71KTk

Score

N/A

Malware Config

Signatures

Files

5442de84e4a18be9f79028318239672fe0c972b67a40ee7b5c07db97900b8cbb
.exe windows x86

21527c96119ca0b028aa82a5cdef9b6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

kernel32

GetCurrentProcess
GetTickCount
GetProcessShutdownParameters
IsValidLanguageGroup
GetCommandLineA
GetConsoleProcessList
SetConsoleMode
GetConsoleSelectionInfo

advapi32

CreatePrivateObjectSecurity

user32

GetKeyState
GetClientRect
GetDesktopWindow
ValidateRect

winscard

SCardConnectA

oleaut32

VarDecFromR4

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy