General

  • Target

    558d23c11022983d9ff380bf6ddd7d8152bfc6f9194ec2a46a3d48d31afcc1b5

  • Size

    375KB

  • Sample

    221007-14g54adhek

  • MD5

    e5311d33b5ba46dc93c294afe3e37e58

  • SHA1

    e26e22e00f65950ffd4d9866a6d5c32477a391e8

  • SHA256

    558d23c11022983d9ff380bf6ddd7d8152bfc6f9194ec2a46a3d48d31afcc1b5

  • SHA512

    6e14a25449bc02b3eb9b6b8687387d281b281288ccc17300500b4d51549f9df8ea400d70603979aec4f9a1394ee68550aabef2d98298591adaded67f1f1d0880

  • SSDEEP

    6144:iv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:i4VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Drops file in System32 directory
