a1650255f850fabb19b9b75865cef9bd45d89a48390f585f3587da14b7484908 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a1650255f850fabb19b9b75865cef9bd45d89a48390f585f3587da14b7484908.exe

Resource

win10v2004-20220812-en

phorphiex evasion loader persistence spyware stealer trojan worm

windows10-2004-x64

9 signatures

150 seconds

General

Target

a1650255f850fabb19b9b75865cef9bd45d89a48390f585f3587da14b7484908
Size

11KB
MD5

a86bbe655021fd2f6263011c02a0070d
SHA1

597fb8aafd9d1d0ab221c6d8291246f43c9ade7e
SHA256

a1650255f850fabb19b9b75865cef9bd45d89a48390f585f3587da14b7484908
SHA512

93684ebfe4f44a12b6c7f3b41ff05e6a65eec6d8c09418fe51334cb28f9d71f17577f95912b937754896823e4a16b3668e5c04729a82f5c6081a7fc4bdb654ff
SSDEEP

96:S5fKGbUuMszosDmzzGNaU9UGkQaHzVI3b+VIZPtboynuYUi82Ct4Le:4ZX1FYG+jiTZP1oynfUi8xSe

Score

1^/10

Malware Config

Signatures

Files

a1650255f850fabb19b9b75865cef9bd45d89a48390f585f3587da14b7484908
.exe windows x86

c9d641fea3638f857511ed0e440b2eed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

msvcrt

__p__fmode
__set_app_type
__p__commode
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
srand
rand
memset
_except_handler3

wininet

InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetOpenUrlW
InternetOpenW
InternetReadFile

urlmon

URLDownloadToFileW

kernel32

CloseHandle
MoveFileA
CreateProcessW
Sleep
WriteFile
CreateFileW
ExpandEnvironmentStringsW
GetTickCount
GetModuleHandleA
GetStartupInfoA
DeleteFileW
MoveFileW
DeleteFileA

user32

wsprintfW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy