Overview

overview

7

Static

static

dridex

windows10-2004-x64

7

Analysis

  • max time kernel
    115s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-01-2023 19:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edde361c1185c9909994fd93ae200bef470a4f1e8fc0579b10e97ac79916a31a.exe

  • Size

    453KB

  • MD5

    84bc774ae4626199bb8cf14545305b96

  • SHA1

    3b0197fc21efb2eb97d7c8e820d2714f4d3c50a8

  • SHA256

    edde361c1185c9909994fd93ae200bef470a4f1e8fc0579b10e97ac79916a31a

  • SHA512

    24424996f8db7427d3585baec8da09393da3dc756d6776e9274582ded68e3a3fb0899482ff24f88453a2ad7120a2fb0ca7d35cbe079f45c4cb9f7a9ed8b0bc98

  • SSDEEP

    6144:HZ4PBDXHQk+Lr7vK2API2b/zJ473AM5nq9mlilzyJblsBnvdVmvP3Zi5mcxFzS:HuP5Hr+zvKtQKbS73AMZq9mlL3ZiB

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\edde361c1185c9909994fd93ae200bef470a4f1e8fc0579b10e97ac79916a31a.exe
    "C:\Users\Admin\AppData\Local\Temp\edde361c1185c9909994fd93ae200bef470a4f1e8fc0579b10e97ac79916a31a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:5012

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5012-133-0x0000000000480000-0x0000000000580000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5012-134-0x0000000002210000-0x0000000002269000-memory.dmp

    Filesize

    356KB

    Download

  • memory/5012-135-0x0000000004B70000-0x0000000005114000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/5012-136-0x0000000000400000-0x0000000000477000-memory.dmp

    Filesize

    476KB

    Download

  • memory/5012-137-0x00000000051A0000-0x00000000057B8000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/5012-138-0x0000000005860000-0x0000000005872000-memory.dmp

    Filesize

    72KB

    Download

  • memory/5012-139-0x0000000005880000-0x000000000598A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/5012-140-0x0000000005990000-0x00000000059CC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/5012-141-0x0000000005CA0000-0x0000000005D32000-memory.dmp

    Filesize

    584KB

    Download

  • memory/5012-142-0x0000000005D40000-0x0000000005DA6000-memory.dmp

    Filesize

    408KB

    Download

  • memory/5012-143-0x0000000006570000-0x0000000006732000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/5012-144-0x0000000006740000-0x0000000006C6C000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/5012-145-0x0000000006D70000-0x0000000006DE6000-memory.dmp

    Filesize

    472KB

    Download

  • memory/5012-146-0x0000000006E20000-0x0000000006E3E000-memory.dmp

    Filesize

    120KB

    Download

  • memory/5012-147-0x0000000000400000-0x0000000000477000-memory.dmp

    Filesize

    476KB

    Download