Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    4489c198673cf7452dc2c0e06a571c527ce5a7eaa1ea19b49cbf405df3555b9c

  • Size

    1.1MB

  • Sample

    230104-sqxdvsbh8s

  • MD5

    97f178e9c983222907bdf48d8ead895f

  • SHA1

    676da810309730830bc8f60771f7d3b7c945bb0a

  • SHA256

    4489c198673cf7452dc2c0e06a571c527ce5a7eaa1ea19b49cbf405df3555b9c

  • SHA512

    1910d163784248ef97e2bd84ab78266da375fd1ca994d6460d03b8af9b6c1de73bd4820a3aa3b5868537fa253e7bba753d00f0db4aa1e3cdc7a845e2a77706c1

  • SSDEEP

    24576:npV2HmM+DtUR8T2HhEXKJMJlBd4hmuTMPD7bgFFn8NY7DIjhZoUYL:nL6bYyhEaJQdGgL4FF8NpjhZop

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      4489c198673cf7452dc2c0e06a571c527ce5a7eaa1ea19b49cbf405df3555b9c

    • Size

      1.1MB

    • MD5

      97f178e9c983222907bdf48d8ead895f

    • SHA1

      676da810309730830bc8f60771f7d3b7c945bb0a

    • SHA256

      4489c198673cf7452dc2c0e06a571c527ce5a7eaa1ea19b49cbf405df3555b9c

    • SHA512

      1910d163784248ef97e2bd84ab78266da375fd1ca994d6460d03b8af9b6c1de73bd4820a3aa3b5868537fa253e7bba753d00f0db4aa1e3cdc7a845e2a77706c1

    • SSDEEP

      24576:npV2HmM+DtUR8T2HhEXKJMJlBd4hmuTMPD7bgFFn8NY7DIjhZoUYL:nL6bYyhEaJQdGgL4FF8NpjhZop

    Score
    8/10
    discoverypersistence

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

      persistence

    • Sets service image path in registry

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks