Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb10d1876255ac5c7beb971b9c3f748976eef78067690392f36e698939331ac1

  • Size

    880KB

  • Sample

    221010-jbcw8sbcbk

  • MD5

    53460de37325b4979177f832ae51f9de

  • SHA1

    f32dd3e711e5fc24c3e525ab835c83588cbc1558

  • SHA256

    bb10d1876255ac5c7beb971b9c3f748976eef78067690392f36e698939331ac1

  • SHA512

    19a489017baaa2adb1c9cf75a502725a28193e4a0661b8f7956169084884e82e07d9b980091d1f8c307cb6f7ae7e7bb3fd3012db0a30dedbe30621f1f60f1595

  • SSDEEP

    24576:7stUx5NK+HjoSIIJ2thqogNSNOKt5apf7xesN7:gtIS+dJgRkSNO0Qpow

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      bb10d1876255ac5c7beb971b9c3f748976eef78067690392f36e698939331ac1

    • Size

      880KB

    • MD5

      53460de37325b4979177f832ae51f9de

    • SHA1

      f32dd3e711e5fc24c3e525ab835c83588cbc1558

    • SHA256

      bb10d1876255ac5c7beb971b9c3f748976eef78067690392f36e698939331ac1

    • SHA512

      19a489017baaa2adb1c9cf75a502725a28193e4a0661b8f7956169084884e82e07d9b980091d1f8c307cb6f7ae7e7bb3fd3012db0a30dedbe30621f1f60f1595

    • SSDEEP

      24576:7stUx5NK+HjoSIIJ2thqogNSNOKt5apf7xesN7:gtIS+dJgRkSNO0Qpow

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks