Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    cd2c2cd15f57ed2f6ff4a8e431fab91b541515ac5d2596e186a90190d445dff2

  • Size

    3.7MB

  • Sample

    230105-z6tfgadd37

  • MD5

    e7c4f8fa014ac2eb81c2d4368ed28953

  • SHA1

    f6dcfaab307479cad7b03624b26474e5eccee5f3

  • SHA256

    cd2c2cd15f57ed2f6ff4a8e431fab91b541515ac5d2596e186a90190d445dff2

  • SHA512

    59f8bb582ed2f09f4c08aa5f824407f0e1b20186071e859c897230902e7bf9aaf6e620bcd8c302ca4bbace4229b4bd801622d254344ba065e95be26ebd40ccd6

  • SSDEEP

    98304:8g9gszbbpsgCDNY3nMIE5UnJrMveHB8ehE1uc8yiFA7VMCsyOlLVCr+/1IKukwNl:/gZgCKXMI/JrGaqe+u0MCsX9VqC9uk

Score
8/10
collectiondiscoveryspywarestealer

Malware Config

Targets

    • Target

      cd2c2cd15f57ed2f6ff4a8e431fab91b541515ac5d2596e186a90190d445dff2

    • Size

      3.7MB

    • MD5

      e7c4f8fa014ac2eb81c2d4368ed28953

    • SHA1

      f6dcfaab307479cad7b03624b26474e5eccee5f3

    • SHA256

      cd2c2cd15f57ed2f6ff4a8e431fab91b541515ac5d2596e186a90190d445dff2

    • SHA512

      59f8bb582ed2f09f4c08aa5f824407f0e1b20186071e859c897230902e7bf9aaf6e620bcd8c302ca4bbace4229b4bd801622d254344ba065e95be26ebd40ccd6

    • SSDEEP

      98304:8g9gszbbpsgCDNY3nMIE5UnJrMveHB8ehE1uc8yiFA7VMCsyOlLVCr+/1IKukwNl:/gZgCKXMI/JrGaqe+u0MCsX9VqC9uk

    Score
    8/10
    collectiondiscoveryspywarestealer

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook accounts

      collection

    • Accesses Microsoft Outlook profiles

      collection

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks