Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b5cb530732bf7623d55942ebec994960c800386c4e21c75d0939b592a512582

  • Size

    375KB

  • Sample

    221004-ttqadsbeb3

  • MD5

    8b047e71c2e4062e3ea53892120a7aa6

  • SHA1

    30ce076f14dfdb4d27f7005e7a7c44947168cb3c

  • SHA256

    1b5cb530732bf7623d55942ebec994960c800386c4e21c75d0939b592a512582

  • SHA512

    a7bd7e7ef1a415557ac857bd5aa7b546c07c3a811bbf7acf4bc7c35362b7d7b21b7423c4998939a4e6548a81b9c85e866c693645ea3a50f71c8457238d31f041

  • SSDEEP

    6144:tv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:t4VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10
gh0stratratupx

Malware Config

Targets

    • Target

      1b5cb530732bf7623d55942ebec994960c800386c4e21c75d0939b592a512582

    • Size

      375KB

    • MD5

      8b047e71c2e4062e3ea53892120a7aa6

    • SHA1

      30ce076f14dfdb4d27f7005e7a7c44947168cb3c

    • SHA256

      1b5cb530732bf7623d55942ebec994960c800386c4e21c75d0939b592a512582

    • SHA512

      a7bd7e7ef1a415557ac857bd5aa7b546c07c3a811bbf7acf4bc7c35362b7d7b21b7423c4998939a4e6548a81b9c85e866c693645ea3a50f71c8457238d31f041

    • SSDEEP

      6144:tv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:t4VOiF1WD7kE1dTYOi8V5u23zmWFy4

    Score
    10/10
    gh0stratratupx

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks