Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    27/10/2022, 23:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51232d6cace2d4e8dd0b80a5d86fdbdb180dd32f2cb0013a78c54b0e25d91673.exe

  • Size

    255KB

  • MD5

    a7aede0e87e4aabc336cb2700d8912df

  • SHA1

    be3cc2cd0e2181a351212017af091fe6b3b34266

  • SHA256

    51232d6cace2d4e8dd0b80a5d86fdbdb180dd32f2cb0013a78c54b0e25d91673

  • SHA512

    4e0e927b125c5fb131b19fb72d23f895df03aae5e7122f49a2cf7c90bc5fa1bb6a770ec57f734b968a4809919746809f10d8c1f99ba6c659afdb4c3d2595d9e0

  • SSDEEP

    3072:cYXOK3qVax/mqnq5p59gNivf6ygG1e5bY5ahQ4Yr0QQPY42AId0Kh:DxqmQa1y/1eDYr3AQ0

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51232d6cace2d4e8dd0b80a5d86fdbdb180dd32f2cb0013a78c54b0e25d91673.exe
    "C:\Users\Admin\AppData\Local\Temp\51232d6cace2d4e8dd0b80a5d86fdbdb180dd32f2cb0013a78c54b0e25d91673.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:3492

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3008-189-0x0000000000DB0000-0x0000000000DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-190-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-215-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-214-0x0000000001020000-0x0000000001030000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-213-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-212-0x0000000001020000-0x0000000001030000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-211-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-210-0x0000000000DB0000-0x0000000000DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-206-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-203-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-202-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-201-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-200-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-199-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-198-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-197-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-163-0x0000000000DB0000-0x0000000000DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-196-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-195-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-194-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-193-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-169-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-188-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-187-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-164-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-186-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-185-0x0000000000E70000-0x0000000000E80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-184-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-183-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-182-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-181-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-180-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-177-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-176-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-175-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-174-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-159-0x0000000000DB0000-0x0000000000DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-161-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-173-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-166-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-172-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-162-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-168-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3008-167-0x0000000000E40000-0x0000000000E50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3492-141-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-145-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-137-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-156-0x0000000000400000-0x0000000002C2D000-memory.dmp

    Filesize

    40.2MB

    Download

  • memory/3492-155-0x0000000000400000-0x0000000002C2D000-memory.dmp

    Filesize

    40.2MB

    Download

  • memory/3492-151-0x0000000002D60000-0x0000000002EAA000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3492-154-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-153-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-152-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-150-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-149-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-148-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-147-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-146-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-144-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-143-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-120-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-142-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-121-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-140-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-139-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-138-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-136-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-135-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-133-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-132-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-131-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-130-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-129-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-128-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-127-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-126-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-125-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-124-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-123-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3492-122-0x00000000778E0000-0x0000000077A6E000-memory.dmp

    Filesize

    1.6MB

    Download