ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

General

Target

ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
Size

1.0MB
Sample

221123-w83v5seb99
MD5

68e13d12273780f9fff621947ebcec70
SHA1

2138ad56054273073df614dba3800e3a92292c31
SHA256

ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
SHA512

4a2df5bbbafabb1ae120d4e9ea1a1b90473c42812f5059df63b7b4eaab48408b0bbe712a79ea79c43fc9ee5fe09da89be1f23fc85f296569f4a6d03c5cdf21d7
SSDEEP

24576:YuDLYe9wBCwOoSknrA6xNJ7IRjNw77KtENfla27N5KN:YgLlwYwOoJA3w7xvPKN

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e.exe

Resource

win10v2004-20220901-en

discovery persistence

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
- Size
  
  1.0MB
- MD5
  
  68e13d12273780f9fff621947ebcec70
- SHA1
  
  2138ad56054273073df614dba3800e3a92292c31
- SHA256
  
  ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
- SHA512
  
  4a2df5bbbafabb1ae120d4e9ea1a1b90473c42812f5059df63b7b4eaab48408b0bbe712a79ea79c43fc9ee5fe09da89be1f23fc85f296569f4a6d03c5cdf21d7
- SSDEEP
  
  24576:YuDLYe9wBCwOoSknrA6xNJ7IRjNw77KtENfla27N5KN:YgLlwYwOoJA3w7xvPKN
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Sets DLL path for service in the registry
  persistence
- Sets service image path in registry
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2024

Terms | Privacy