General

  • Target

    09b55350fc85b124a6b6c39dd8604cbb0902e495cbb60fa638532b391947e033

  • Size

    880KB

  • Sample

    230322-ksja1shg8x

  • MD5

    194345ebabc4e6ce9a385c8bc366e3c0

  • SHA1

    f72d6953d3ab1008e6cc07041118d277b63c6edd

  • SHA256

    09b55350fc85b124a6b6c39dd8604cbb0902e495cbb60fa638532b391947e033

  • SHA512

    2f2e1023605294a0f030140438d0f20329d05aaa95442860060d48f33259592ec9e43bfd56d0e5d52ac600c4bb96ede957a52dc9a6aab3ac959d1c6b956d9096

  • SSDEEP

    6144:LQuiA1RTz/cYja2ieb5YbF5R+Jn8xH97r7F41d43wUmDm:nz/9ja2ieFYp5R+I7+Y

Score
10/10

Targets

    • Target

      09b55350fc85b124a6b6c39dd8604cbb0902e495cbb60fa638532b391947e033

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
