Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    23-11-2022 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0ace3785dd2cf1b9e8696e2e26735ba89800f8e4e1efaa8d23c058b145b04bd.exe

  • Size

    186KB

  • MD5

    620ae5771848bc425d5d686054019ef8

  • SHA1

    c16fa58a41f6deeb94369bd9371aa7dbd91a014f

  • SHA256

    c0ace3785dd2cf1b9e8696e2e26735ba89800f8e4e1efaa8d23c058b145b04bd

  • SHA512

    65945888bf87d6e2db50b839ae49b245ce4ff5e5ddc74fbac5481b5cf59082fb46f1fc7e0b2985ea0247b9b422c3d75c482480c2bd3b306e8b63f5b860cdbbb0

  • SSDEEP

    3072:DehojATICdjLWBJa07Wyos5EO2cbybKXzOUiVRhAssmDxU:ahcSLWBJa07lwcbybMzlGhA46

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c0ace3785dd2cf1b9e8696e2e26735ba89800f8e4e1efaa8d23c058b145b04bd.exe
    "C:\Users\Admin\AppData\Local\Temp\c0ace3785dd2cf1b9e8696e2e26735ba89800f8e4e1efaa8d23c058b145b04bd.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:4988

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4988-116-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-117-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-118-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-119-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-120-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-121-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-122-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-123-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-124-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-125-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-126-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-127-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-128-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-129-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-130-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-131-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-132-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-133-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-134-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-135-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-136-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-137-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-139-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-140-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-141-0x0000000000770000-0x00000000008BA000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/4988-142-0x0000000000770000-0x00000000008BA000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/4988-143-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-144-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-145-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-146-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-147-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-148-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-149-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-151-0x0000000000400000-0x000000000064C000-memory.dmp

    Filesize

    2.3MB

    Download

  • memory/4988-150-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-152-0x00000000778F0000-0x0000000077A7E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4988-153-0x0000000000400000-0x000000000064C000-memory.dmp

    Filesize

    2.3MB

    Download