bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a
Size

312KB
Sample

230213-efk17aaf64
MD5

c9611cb248eff7318bf098c06b251cd4
SHA1

193b1cb6b1bcd04ce4cbf0237698b2e3171d00fe
SHA256

bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a
SHA512

e2c7c8cd72891085cd1464a8529c6ded8470a2069a4c94b6835513921bdc747aa4245c522229d5fb2c588c5ded64923c39e0b447e55f2dd6927f911eabc2f7d1
SSDEEP

6144:IviyYPpr8AE0W0H2Xe1L8AAXb25160uYR+kCEPD:Ivh0W0WX8L8TXO60uYRkEPD

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a
- Size
  
  312KB
- MD5
  
  c9611cb248eff7318bf098c06b251cd4
- SHA1
  
  193b1cb6b1bcd04ce4cbf0237698b2e3171d00fe
- SHA256
  
  bac1ce5e314f27a6b6ddaacda6af517c29b6150772fe6764045dfc82c7645e2a
- SHA512
  
  e2c7c8cd72891085cd1464a8529c6ded8470a2069a4c94b6835513921bdc747aa4245c522229d5fb2c588c5ded64923c39e0b447e55f2dd6927f911eabc2f7d1
- SSDEEP
  
  6144:IviyYPpr8AE0W0H2Xe1L8AAXb25160uYR+kCEPD:Ivh0W0WX8L8TXO60uYRkEPD
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy