Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    6a68fface5afee98e820d875034ced0fa7551e91fdcf08d70022757913d14657

  • Size

    375KB

  • Sample

    220915-f6355affhm

  • MD5

    cd222262e47369a7e985ae603cd0168a

  • SHA1

    1fd4d2eadfb446771c31be279227fda243faead4

  • SHA256

    6a68fface5afee98e820d875034ced0fa7551e91fdcf08d70022757913d14657

  • SHA512

    a95914e9243c317658b5939fa95277a1cf5afaed026689a9d00dc39de871e6aebe21524560f2bb57e0e5d5ba72b6e4e94472f28fdc400e9bfa2ae505eeeea6c9

  • SSDEEP

    6144:Zv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:Z4VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10
gh0stratratupx

Malware Config

Targets

    • Target

      6a68fface5afee98e820d875034ced0fa7551e91fdcf08d70022757913d14657

    • Size

      375KB

    • MD5

      cd222262e47369a7e985ae603cd0168a

    • SHA1

      1fd4d2eadfb446771c31be279227fda243faead4

    • SHA256

      6a68fface5afee98e820d875034ced0fa7551e91fdcf08d70022757913d14657

    • SHA512

      a95914e9243c317658b5939fa95277a1cf5afaed026689a9d00dc39de871e6aebe21524560f2bb57e0e5d5ba72b6e4e94472f28fdc400e9bfa2ae505eeeea6c9

    • SSDEEP

      6144:Zv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:Z4VOiF1WD7kE1dTYOi8V5u23zmWFy4

    Score
    10/10
    gh0stratratupx

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks