Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    56s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    25-09-2022 19:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    210d2eff47f197850bd0f11493baf5759a8937ae66b9990c5d1d61a8ec370f59.exe

  • Size

    202KB

  • MD5

    75d67d528bfde05333797ea5d89a6081

  • SHA1

    c12c9c79e5e3dad490103414c5787197b05264d1

  • SHA256

    210d2eff47f197850bd0f11493baf5759a8937ae66b9990c5d1d61a8ec370f59

  • SHA512

    cb3020a751f714483209a51fdce3766dc93cb648b51dd13c4142d70e276d2743c85d3cfc607c3ecca67f1cbb4cc4f202473fa3a89159621aebcd038009c4086c

  • SSDEEP

    3072:e2UvDx2eCzEz56U2AgXui33L5213OxCvWBlH5w/Pku5x:SVATTAKuIL5C3ICQ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\210d2eff47f197850bd0f11493baf5759a8937ae66b9990c5d1d61a8ec370f59.exe
    "C:\Users\Admin\AppData\Local\Temp\210d2eff47f197850bd0f11493baf5759a8937ae66b9990c5d1d61a8ec370f59.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:4220

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4220-116-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-117-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-118-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-119-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-120-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-121-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-122-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-123-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-124-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-125-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-126-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-127-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-129-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-128-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-130-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-132-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-133-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-134-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-135-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-137-0x0000000000660000-0x00000000007AA000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/4220-141-0x0000000000400000-0x000000000058C000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/4220-142-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-143-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-140-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-139-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-138-0x0000000000590000-0x000000000063E000-memory.dmp

    Filesize

    696KB

    Download

  • memory/4220-136-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-144-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-145-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-146-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-147-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-148-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-149-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-151-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-150-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-152-0x0000000077DA0000-0x0000000077F2E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4220-153-0x0000000000400000-0x000000000058C000-memory.dmp

    Filesize

    1.5MB

    Download