Overview

overview

9

Static

static

1

dridex

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2ee9c7ca087f0edefef39079762a25267978256a3bc35892ac1b064a211c055

  • Size

    3.4MB

  • Sample

    230314-hmpjqsdh98

  • MD5

    7ed2847da6a4aec3fe9e86cc5544684f

  • SHA1

    3e214a32b8a497ae01dcfef9056ce03db4f60b7a

  • SHA256

    e2ee9c7ca087f0edefef39079762a25267978256a3bc35892ac1b064a211c055

  • SHA512

    a8181fedae05c58c1b6e433b29bf5fc6fe7735a5fb30f5f0ed481bb1965a0bdeb8cca9de5c505fb86f5a48e54307e121bc6b77476ad9af3960fa971a522cdad1

  • SSDEEP

    98304:r6mwMi6hqm+mXHkTiGDsAsQJEwky5CXjcM0Jhv8jYhz:WmRhfv3DG4+vsXjcM0zv8jS

Score
9/10
discoveryevasiontrojanupx

Malware Config

Targets

    • Target

      e2ee9c7ca087f0edefef39079762a25267978256a3bc35892ac1b064a211c055

    • Size

      3.4MB

    • MD5

      7ed2847da6a4aec3fe9e86cc5544684f

    • SHA1

      3e214a32b8a497ae01dcfef9056ce03db4f60b7a

    • SHA256

      e2ee9c7ca087f0edefef39079762a25267978256a3bc35892ac1b064a211c055

    • SHA512

      a8181fedae05c58c1b6e433b29bf5fc6fe7735a5fb30f5f0ed481bb1965a0bdeb8cca9de5c505fb86f5a48e54307e121bc6b77476ad9af3960fa971a522cdad1

    • SSDEEP

      98304:r6mwMi6hqm+mXHkTiGDsAsQJEwky5CXjcM0Jhv8jYhz:WmRhfv3DG4+vsXjcM0zv8jS

    Score
    9/10
    discoveryevasiontrojanupx

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks