Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    154s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    12/10/2022, 09:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f825575c22faeaf9a8a788ccb65380c490d975d2380cd071c1928f4e841f42ff.exe

  • Size

    300KB

  • MD5

    a792477c41f41c765524d8364a9e152c

  • SHA1

    9a1f0fb1af5828885443525d3190166ec578fcec

  • SHA256

    f825575c22faeaf9a8a788ccb65380c490d975d2380cd071c1928f4e841f42ff

  • SHA512

    bd0f8c8f475e28607e0a604cdf2615123ff1ac65b3a2fef875795480a4c6a0b7c73bfbf4da5f63fa15ee445fc1868e863218ec848f53dc46ce7cf1e40e9538af

  • SSDEEP

    6144:D7YU8Qj20VilUoJlqjIRNc4XeigavwVfquSfn:Ds5MViOmgsPc4XTZz

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f825575c22faeaf9a8a788ccb65380c490d975d2380cd071c1928f4e841f42ff.exe
    "C:\Users\Admin\AppData\Local\Temp\f825575c22faeaf9a8a788ccb65380c490d975d2380cd071c1928f4e841f42ff.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:1756

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1756-116-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-117-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-118-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-119-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-120-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-121-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-122-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-123-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-124-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-125-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-126-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-127-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-128-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-129-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-130-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-131-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-132-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-133-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-134-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-135-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-136-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-137-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-138-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-139-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-140-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-141-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-142-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-143-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-144-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-145-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-146-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-147-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-148-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-149-0x0000000077C40000-0x0000000077DCE000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/1756-150-0x000000000064C000-0x000000000065D000-memory.dmp

          Filesize

          68KB

          Download

        • memory/1756-151-0x0000000000450000-0x000000000059A000-memory.dmp

          Filesize

          1.3MB

          Download

        • memory/1756-152-0x0000000000400000-0x0000000000450000-memory.dmp

          Filesize

          320KB

          Download

        • memory/1756-153-0x000000000064C000-0x000000000065D000-memory.dmp

          Filesize

          68KB

          Download

        • memory/1756-154-0x0000000000400000-0x0000000000450000-memory.dmp

          Filesize

          320KB

          Download