Overview

overview

8

Static

static

dridex

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    991b640f62662dd0e33788fab50821ba534e58dbd278b4f1ada75da2e7af9f16

  • Size

    1.1MB

  • Sample

    230111-1p341sad5y

  • MD5

    2b7a30fa1b68b7191a92b896aa981e22

  • SHA1

    12b3ab61e535ea0293aea9eb97f3d9ee88e89b37

  • SHA256

    991b640f62662dd0e33788fab50821ba534e58dbd278b4f1ada75da2e7af9f16

  • SHA512

    be9427aceab8a5e99f9d23a391b9c038d537ae7bd95f6956a08a8688658aa2474e1716ac19d91fcd770343bb7fe5ca9b3bbaa1a050f4497494e31a1855cc8fba

  • SSDEEP

    24576:3PutOaE6Kf9w+xhQ7aPOUHnQbrd4E+LMqI9hZGQ90:32MjBFAcOUHn6T+mGQ9

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      991b640f62662dd0e33788fab50821ba534e58dbd278b4f1ada75da2e7af9f16

    • Size

      1.1MB

    • MD5

      2b7a30fa1b68b7191a92b896aa981e22

    • SHA1

      12b3ab61e535ea0293aea9eb97f3d9ee88e89b37

    • SHA256

      991b640f62662dd0e33788fab50821ba534e58dbd278b4f1ada75da2e7af9f16

    • SHA512

      be9427aceab8a5e99f9d23a391b9c038d537ae7bd95f6956a08a8688658aa2474e1716ac19d91fcd770343bb7fe5ca9b3bbaa1a050f4497494e31a1855cc8fba

    • SSDEEP

      24576:3PutOaE6Kf9w+xhQ7aPOUHnQbrd4E+LMqI9hZGQ90:32MjBFAcOUHn6T+mGQ9

    Score
    8/10
    discoverypersistence

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

      persistence

    • Sets service image path in registry

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks