feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493 | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493
Size

6.1MB
Sample

221030-1jcd4scgek
MD5

ea9038a7d470e6347bc75f82f6f06639
SHA1

eaaf16fa17d7e50340e42d4cd74e26b2b3317832
SHA256

feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493
SHA512

e2e952f26585cb6db4679329abe7f3d975326174f0be6167aff8d58b6f37a5a30ab394bfa9572a880d51a01e45ed8acf950872e78a44c88b513d4b0d4faad707
SSDEEP

98304:3NFqqWaMkTVUTONam8iWy4xK7VYNBIr9jMkCsen7Mn12KMQSwkrxg:90EMkySulYKOg7Mn11vTk

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493
- Size
  
  6.1MB
- MD5
  
  ea9038a7d470e6347bc75f82f6f06639
- SHA1
  
  eaaf16fa17d7e50340e42d4cd74e26b2b3317832
- SHA256
  
  feab302abc2d9626cd5a260f8481959b1052d0d84913cf5b739b0e13b6032493
- SHA512
  
  e2e952f26585cb6db4679329abe7f3d975326174f0be6167aff8d58b6f37a5a30ab394bfa9572a880d51a01e45ed8acf950872e78a44c88b513d4b0d4faad707
- SSDEEP
  
  98304:3NFqqWaMkTVUTONam8iWy4xK7VYNBIr9jMkCsen7Mn12KMQSwkrxg:90EMkySulYKOg7Mn11vTk
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy