Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

  • Size

    1.7MB

  • Sample

    221129-r1dh3acb6x

  • MD5

    eaca6598d7a3f491bd58d70fdaf58d4e

  • SHA1

    036a2f41a43bbe728f60a32d72ba7fe1f4e5f636

  • SHA256

    1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

  • SHA512

    701d4ba682a3b6d57aff4aa4e4234f2ed5aea848296b08dedceed8d3a783bbd1616a182df0cd2fb82e2bcc519686827b8bbbd6521d1d28f5b5b2098bd5e05c55

  • SSDEEP

    49152:hZwe+yhWvrBATk7d+tVXMiV6kqXjlm9fb3j3:XL+yhWvrBAAd+TXM31XpmFz3

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

    • Size

      1.7MB

    • MD5

      eaca6598d7a3f491bd58d70fdaf58d4e

    • SHA1

      036a2f41a43bbe728f60a32d72ba7fe1f4e5f636

    • SHA256

      1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

    • SHA512

      701d4ba682a3b6d57aff4aa4e4234f2ed5aea848296b08dedceed8d3a783bbd1616a182df0cd2fb82e2bcc519686827b8bbbd6521d1d28f5b5b2098bd5e05c55

    • SSDEEP

      49152:hZwe+yhWvrBATk7d+tVXMiV6kqXjlm9fb3j3:XL+yhWvrBAAd+TXM31XpmFz3

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1
T1064

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Scripting

1
T1064

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks