General

  • Target

    03f493282e5511772602c3aca8ce29f9475e70e00d7f4c041e7ae58719a7f00c

  • Size

    2MB

  • Sample

    230319-cwspvsge9w

  • MD5

    a38ac5c9a2cef88d3c68be534d76d2a6

  • SHA1

    baf8a2757b8788e3a8251b35d94a15a884ed226b

  • SHA256

    03f493282e5511772602c3aca8ce29f9475e70e00d7f4c041e7ae58719a7f00c

  • SHA512

    030e60e5680f6d2406bfd8d7b7e7617053b19b7a727b4cdc4292e9b8646a8e296c4134e358bf86e3adbd445439b534ec6559f578ad6fcf4bdc330695c4100a9d

  • SSDEEP

    49152:38Hf8sEzurvvPywc2HaDG5N4J7FAutD7HKYwEWHdI7vFgdH:38/8SKwIDG5N4JWkDmYsHdEtQ

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
