9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616 | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10-1703-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616
Size

7.3MB
Sample

220917-n6sndshgb7
MD5

e21c4616e935528c83bbf43d00bce490
SHA1

976d06c5c89040f40e698d1f52e7ab1172121eb1
SHA256

9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616
SHA512

418910ee33fa5f7963ca53bf64bfd4fa7c8217df216d2ff074a642a389ffb04d848ee8011c03ad3de1df7a97755d7289d846dbc016eb5136b1f7a6758f01a88d
SSDEEP

196608:91OBtqrBd9AixUM50tl+KOtrE6mEEyQ/2ckXipvXTMHsVOMkfdM:3OvqrBd9Aix0DnMmncipvTMMQM

Score

8^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616.exe

Resource

win10-20220812-en

discovery spyware stealer

windows10-1703-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616
- Size
  
  7.3MB
- MD5
  
  e21c4616e935528c83bbf43d00bce490
- SHA1
  
  976d06c5c89040f40e698d1f52e7ab1172121eb1
- SHA256
  
  9c3fb6391dc94d7a94ffa534fe6e877aaa33bfee42fbd3cc85462295f8cfb616
- SHA512
  
  418910ee33fa5f7963ca53bf64bfd4fa7c8217df216d2ff074a642a389ffb04d848ee8011c03ad3de1df7a97755d7289d846dbc016eb5136b1f7a6758f01a88d
- SSDEEP
  
  196608:91OBtqrBd9AixUM50tl+KOtrE6mEEyQ/2ckXipvXTMHsVOMkfdM:3OvqrBd9Aix0DnMmncipvTMMQM
Score

8^/10

discovery spyware stealer
- Blocklisted process makes network request
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

© 2018-2025

Terms | Privacy