General

  • Target

    c1caac58e614931c517666747eec84548ca762fff9744c47ed6cfe162c511331

  • Size

    5.6MB

  • Sample

    230102-nta8kshb7s

  • MD5

    526ec95e3113035e7a0352304ec06fb8

  • SHA1

    6f50101533033bfb39ace46e48b661d85dd09ce2

  • SHA256

    c1caac58e614931c517666747eec84548ca762fff9744c47ed6cfe162c511331

  • SHA512

    db81c6c44b279bbf6e14b66dbb3378ff31f2fe8ff76b87f3f3c67169bceb8bab4addd624316727b5c859d89c858b83fe1052a7c39059888d7c48ec5bdc2b4513

  • SSDEEP

    98304:a2TQ8jJxoR2+SjXVGrqDRq+GyBcvX1X0bKZ+d5xbGMdRRH/wcH+lhKwIBeff/a77:NFodGlFjGvX16fxbldRtV+HIBM+eu

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks