Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    59s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    26-10-2022 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b39d58731e56e3a3d6bc413eae5f5b767a224914830ef0092f6230393d723932.exe

  • Size

    223KB

  • MD5

    cd16230e22e63f33090c30c43bb03460

  • SHA1

    da061455ba0f030737f4b94829c99ce8414a0030

  • SHA256

    b39d58731e56e3a3d6bc413eae5f5b767a224914830ef0092f6230393d723932

  • SHA512

    05684d0775b36a2b7156127154daa1907fe45428bd9310e4d33e6c5953547da4ca68e8376c16bcdbbce8f5eb64fa100e32b68f9afc59b25b8aeea27cf9c51609

  • SSDEEP

    3072:HnyHW6LqAyAg70YmLHwG/6p5TTV99dPBBkiCp3yIwojmHrCVLGsm3THx:Hny2rAU701LHd/WTNdZnNoQrCNGbjH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b39d58731e56e3a3d6bc413eae5f5b767a224914830ef0092f6230393d723932.exe
    "C:\Users\Admin\AppData\Local\Temp\b39d58731e56e3a3d6bc413eae5f5b767a224914830ef0092f6230393d723932.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:1816

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1816-120-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-121-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-122-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-123-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-124-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-125-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-126-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-127-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-128-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-129-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-130-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-131-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-132-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-133-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-134-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-135-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-136-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-137-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-138-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-139-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-140-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-141-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-143-0x00000000007F6000-0x0000000000807000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1816-142-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-144-0x00000000005A0000-0x000000000064E000-memory.dmp

    Filesize

    696KB

    Download

  • memory/1816-145-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-146-0x0000000000400000-0x0000000000595000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-147-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-148-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-149-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-151-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-150-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-152-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-153-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-154-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-155-0x0000000077D10000-0x0000000077E9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1816-156-0x00000000007F6000-0x0000000000807000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1816-157-0x0000000000400000-0x0000000000595000-memory.dmp

    Filesize

    1.6MB

    Download