Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d50fb05a8c553361e250ef27c0257c53909160435c891838bd40634b0862523

  • Size

    375KB

  • Sample

    220918-hrvxbaeger

  • MD5

    15312baf1bc35bfc10ee85924b56cacd

  • SHA1

    118ce5d6119746cd42427e366610767ed56460fb

  • SHA256

    8d50fb05a8c553361e250ef27c0257c53909160435c891838bd40634b0862523

  • SHA512

    209147cf21f864cddc34a8ab88b1f90e9d900158f448b9fd12e278d977e4d3bd42ec8331322b5ae600c49018c7cd52351f2e5fffe008ec956be45738ae28f97b

  • SSDEEP

    6144:Zv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:Z4VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10
gh0stratratupx

Malware Config

Targets

    • Target

      8d50fb05a8c553361e250ef27c0257c53909160435c891838bd40634b0862523

    • Size

      375KB

    • MD5

      15312baf1bc35bfc10ee85924b56cacd

    • SHA1

      118ce5d6119746cd42427e366610767ed56460fb

    • SHA256

      8d50fb05a8c553361e250ef27c0257c53909160435c891838bd40634b0862523

    • SHA512

      209147cf21f864cddc34a8ab88b1f90e9d900158f448b9fd12e278d977e4d3bd42ec8331322b5ae600c49018c7cd52351f2e5fffe008ec956be45738ae28f97b

    • SSDEEP

      6144:Zv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:Z4VOiF1WD7kE1dTYOi8V5u23zmWFy4

    Score
    10/10
    gh0stratratupx

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks