Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    63s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08/10/2022, 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5c45cd007274daf7814e76f132d8774414f697844b04dfc447da74ead590405.exe

  • Size

    269KB

  • MD5

    4a8b90bde332cb90447056d826599aea

  • SHA1

    0210120bd9c4014b532ba777c24ad407f1b9d585

  • SHA256

    f5c45cd007274daf7814e76f132d8774414f697844b04dfc447da74ead590405

  • SHA512

    9e5f2ebf10915177fb7c98e5dd4d9f8e210df960248a275d9e2ce27c17b061da830ed418f3a23344425e2ff1e0d2efedeb3c50a85590471969c3fbe1eb91aafb

  • SSDEEP

    6144:SIB+ez4B0DXBCDmeHnhqBS5N1rY9IrwVfX:SIPXXBCDmeHUiL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5c45cd007274daf7814e76f132d8774414f697844b04dfc447da74ead590405.exe
    "C:\Users\Admin\AppData\Local\Temp\f5c45cd007274daf7814e76f132d8774414f697844b04dfc447da74ead590405.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:3768

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3768-116-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-117-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-119-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-118-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-120-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-121-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-122-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-124-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-123-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-125-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-126-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-127-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-128-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-129-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-130-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-131-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-132-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-133-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-134-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-135-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-137-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-136-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-139-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-140-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-141-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-142-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-143-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-144-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-145-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-146-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-147-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-148-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-149-0x0000000000450000-0x000000000059A000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3768-151-0x0000000000450000-0x00000000004FE000-memory.dmp

    Filesize

    696KB

    Download

  • memory/3768-152-0x0000000000400000-0x0000000000447000-memory.dmp

    Filesize

    284KB

    Download

  • memory/3768-150-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3768-153-0x0000000000400000-0x0000000000447000-memory.dmp

    Filesize

    284KB

    Download