Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0909322dede6d2639bc5aba3de6bbe4a6b9552df002547378c35629b1ceefedf

  • Size

    3.6MB

  • Sample

    221129-rm8gaaah6y

  • MD5

    6e2b9256f691caef06f67960b0816391

  • SHA1

    0fb9bf1dc40a945fa04083644b4800574b6b619a

  • SHA256

    0909322dede6d2639bc5aba3de6bbe4a6b9552df002547378c35629b1ceefedf

  • SHA512

    23614ce8a324d4a0d54acb9b2427eaf37a3534ba23040c8a484f00da36714a991de5637f6cc72e9b45e709f1f94e4086f390ea3615f01013fcd1629cbe81933d

  • SSDEEP

    98304:08AxfdECV5367x4LPwQ3wk6CTkv9hldFOKc8/oXyk8h3gPFzQ85C:08Axfhjjv6CTgRFOKXdthGFc

Score
8/10
collectiondiscoveryspywarestealer

Malware Config

Targets

    • Target

      0909322dede6d2639bc5aba3de6bbe4a6b9552df002547378c35629b1ceefedf

    • Size

      3.6MB

    • MD5

      6e2b9256f691caef06f67960b0816391

    • SHA1

      0fb9bf1dc40a945fa04083644b4800574b6b619a

    • SHA256

      0909322dede6d2639bc5aba3de6bbe4a6b9552df002547378c35629b1ceefedf

    • SHA512

      23614ce8a324d4a0d54acb9b2427eaf37a3534ba23040c8a484f00da36714a991de5637f6cc72e9b45e709f1f94e4086f390ea3615f01013fcd1629cbe81933d

    • SSDEEP

      98304:08AxfdECV5367x4LPwQ3wk6CTkv9hldFOKc8/oXyk8h3gPFzQ85C:08Axfhjjv6CTgRFOKXdthGFc

    Score
    8/10
    collectiondiscoveryspywarestealer

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook accounts

      collection

    • Accesses Microsoft Outlook profiles

      collection

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Email Collection

2
T1114

Exfiltration

Command and Control

Impact

Tasks