General

  • Target

    c47ff32e567affa5ddc1c257c8760a340a0e05fb20be86245fe3a541d42fe66b

  • Size

    56KB

  • Sample

    230409-x88xtscf86

  • MD5

    61cbfdab621a495cdbad9f61c794f3af

  • SHA1

    3ca2df7512e03c6c4a3271b42e1a71587e0ae41e

  • SHA256

    c47ff32e567affa5ddc1c257c8760a340a0e05fb20be86245fe3a541d42fe66b

  • SHA512

    d0e7c6ec435ad28c6057774e2c5113a9666cb391a8ca8071493798ab0e7bffe94bef1886b44b8963fbfb707059046fcab59df9f24c441470c519cf5293d058f7

  • SSDEEP

    768:RYQp+rLLfWIe/rlzz/N85cbk9zBLOdYygDutQopbJ7nUSBaOL:RYQp+7Ze/rNzrbk9BKdT9Tp5nUSBaOL

Score
10/10

Targets

    • Target

      c47ff32e567affa5ddc1c257c8760a340a0e05fb20be86245fe3a541d42fe66b

    • Size

      56KB

    • MD5

      61cbfdab621a495cdbad9f61c794f3af

    • SHA1

      3ca2df7512e03c6c4a3271b42e1a71587e0ae41e

    • SHA256

      c47ff32e567affa5ddc1c257c8760a340a0e05fb20be86245fe3a541d42fe66b

    • SHA512

      d0e7c6ec435ad28c6057774e2c5113a9666cb391a8ca8071493798ab0e7bffe94bef1886b44b8963fbfb707059046fcab59df9f24c441470c519cf5293d058f7

    • SSDEEP

      768:RYQp+rLLfWIe/rlzz/N85cbk9zBLOdYygDutQopbJ7nUSBaOL:RYQp+7Ze/rNzrbk9BKdT9Tp5nUSBaOL

    Score
    10/10

    • Gurcu

      Gurcu is an information stealer written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check: deciding whether to run based on the victim's configured country.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data such as saved credentials, cookies and autofill entries.

    • Looks up external IP address via web service

      Uses a legitimate public IP lookup service to determine the infected system's external IP address.
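
An added example (not part of the sandbox report, and not code from the Gurcu sample) showing how the three behavioural signatures above can be written as detection rules and replayed over a constructed API trace. The API names, the `Control Panel\International\Geo\Nation` registry path, the browser file names and the lookup hostnames are assumed matching criteria, not values taken from the report; the trace and the weights are likewise constructed for illustration.

```python
# Added example, not code from the sandbox report or from the Gurcu sample.
# It replays the three behavioural signatures listed above over a constructed
# API trace. The API names, registry path, browser file names and lookup
# hostnames are assumptions about what such signatures typically match.
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str            # signature name as the report would print it
    apis: frozenset      # API calls whose argument this rule inspects
    pattern: re.Pattern  # matched against the call's path/host argument
    weight: int          # contribution to a 0..10 score (assumed weighting)


RULES = (
    # Geofence check: the per-user GeoID is stored under this key (assumed target).
    Rule("Checks computer location settings",
         frozenset({"RegOpenKeyExW", "RegQueryValueExW"}),
         re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I), 3),
    # Browser profile data: Chromium and Firefox credential/cookie stores (assumed names).
    Rule("Reads user/profile data of web browsers",
         frozenset({"CreateFileW", "NtCreateFile"}),
         re.compile(r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db)$", re.I), 4),
    # External IP discovery through public lookup services (assumed host list).
    Rule("Looks up external IP address via web service",
         frozenset({"getaddrinfo", "InternetConnectW"}),
         re.compile(r"^(api\.ipify\.org|ip-api\.com|icanhazip\.com|ipinfo\.io)$", re.I), 3),
)

# Constructed trace: (pid, api, argument). Not captured from the real sample.
TRACE = [
    (4120, "RegOpenKeyExW", r"HKCU\Control Panel\International\Geo\Nation"),
    (4120, "CreateFileW", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (4120, "CreateFileW", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd.default\logins.json"),
    (4120, "getaddrinfo", "api.ipify.org"),
    (1337, "CreateFileW", r"C:\Users\victim\Documents\notes.txt"),  # benign process
    (1337, "getaddrinfo", "www.microsoft.com"),
]


def evaluate(trace):
    """Return {pid: {signature name: [matching arguments]}} for every rule hit."""
    hits = {}
    for pid, api, arg in trace:
        for rule in RULES:
            if api in rule.apis and rule.pattern.search(arg):
                hits.setdefault(pid, {}).setdefault(rule.name, []).append(arg)
    return hits


def score(signatures):
    """Combine the distinct signatures fired by one process into a 0..10 score."""
    weight = {r.name: r.weight for r in RULES}
    return min(10, sum(weight[name] for name in signatures))


if __name__ == "__main__":
    for pid, sigs in evaluate(TRACE).items():
        print(f"pid {pid}: score {score(sigs)}/10")
        for name, args in sigs.items():
            print(f"  - {name}: {args}")
```

Taken alone, the geofence and IP-lookup rules are low-confidence: plenty of legitimate software reads the GeoID key or asks a public service for its external address. It is the combination with access to browser credential stores by the same process that justifies a high score, which is why the scoring is per process rather than per event.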
