Overview

overview

8

Static

static

dridex

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0de3c91d92c1658f5b7cc333ad9b9c94b7f8a0f441741b7c7b909abaa9334b92

  • Size

    724KB

  • Sample

    220923-jv8g9adef5

  • MD5

    2bb558b26582aa9c561ef429c1764a63

  • SHA1

    3b3930e8b856afa98353739db39e2fbab6c916f4

  • SHA256

    0de3c91d92c1658f5b7cc333ad9b9c94b7f8a0f441741b7c7b909abaa9334b92

  • SHA512

    707bae4a482aa5592c8f7fcf94571e7f284a841c96e15be185582fa6aab8c2494cb7acc4d0d9dd36a2117bf322b6f5dfe92c505fc56d970fc0300e993955cfc5

  • SSDEEP

    768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score
8/10
persistence

Malware Config

Targets

    • Target

      0de3c91d92c1658f5b7cc333ad9b9c94b7f8a0f441741b7c7b909abaa9334b92

    • Size

      724KB

    • MD5

      2bb558b26582aa9c561ef429c1764a63

    • SHA1

      3b3930e8b856afa98353739db39e2fbab6c916f4

    • SHA256

      0de3c91d92c1658f5b7cc333ad9b9c94b7f8a0f441741b7c7b909abaa9334b92

    • SHA512

      707bae4a482aa5592c8f7fcf94571e7f284a841c96e15be185582fa6aab8c2494cb7acc4d0d9dd36a2117bf322b6f5dfe92c505fc56d970fc0300e993955cfc5

    • SSDEEP

      768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Registry Run Keys / Startup Folder

1
T1060

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks