Overview

overview

1

Static

static

dridex

windows10-2004-x64

1

Analysis

  • max time kernel
    178s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dd158cfbdcd34d40c35e6e0c2aaccdff0049114e9e196cf4d582a8101e79f4ba.dll

  • Size

    1.7MB

  • MD5

    1b1d6a59902a2dc71fb73a1b0525a668

  • SHA1

    220db515b7ef708a7bc77f9f0636b1627a81065a

  • SHA256

    dd158cfbdcd34d40c35e6e0c2aaccdff0049114e9e196cf4d582a8101e79f4ba

  • SHA512

    492526cb28ae18fe1d1e1c2aafc75501da6c1f066ee6e4605c41ca04db562f08a5eebced60c8e07fd717c902eca2cdcb0fed0158a98ca6c619947e9a1ede0ecb

  • SSDEEP

    24576:Y4Df5rev4L3w8O05BNZJO5rFyy6+xZ9DMJq8gF2PcCx98Gcw3cwR:YiqgL3bO09OpN6+xwJqPyvz3zR

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dd158cfbdcd34d40c35e6e0c2aaccdff0049114e9e196cf4d582a8101e79f4ba.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4052
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\dd158cfbdcd34d40c35e6e0c2aaccdff0049114e9e196cf4d582a8101e79f4ba.dll,#1
      2⤵
        PID:2976

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2976-132-0x0000000000000000-mapping.dmp
      Download
    • memory/2976-133-0x00000000023A0000-0x000000000254D000-memory.dmp
      Filesize

      1.7MB

      Download
    • memory/2976-134-0x0000000002890000-0x00000000029CB000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/2976-135-0x0000000002AF0000-0x0000000002C05000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/2976-136-0x0000000002650000-0x0000000002717000-memory.dmp
      Filesize

      796KB

      Download
    • memory/2976-137-0x0000000002C10000-0x0000000002CC4000-memory.dmp
      Filesize

      720KB

      Download
    • memory/2976-138-0x0000000002C10000-0x0000000002CC4000-memory.dmp
      Filesize

      720KB

      Download
    • memory/2976-140-0x0000000002AF0000-0x0000000002C05000-memory.dmp
      Filesize

      1.1MB

      Download