197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150.exe

Resource

win10v2004-20230220-en

sality backdoor evasion trojan upx

windows10-2004-x64

14 signatures

150 seconds

General

Target

197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150
Size

2.3MB
MD5

45caf9433f870d2d3087aa215f415462
SHA1

eed8da9eb8c89c4ec53dae8032fef246a5a846b5
SHA256

197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150
SHA512

4e6605c47dcc2e74c6be811f727b2e2939c1c32520affe0ea0aa91acca3aa970375e0d100848642512da59f90d36b2ffabd172bb3779fb9f183ea9c4e4aaf4d5
SSDEEP

24576:KBwjQCY+VTQpH7VaNts9M2sbbz+XPCeEsovPEOgjz8Txn7SvF0Jmch3mkMch3mqs:Kul7VEp4tsxszEZ2bTR7Sv2maWkMaWQs

Score

1^/10

Malware Config

Signatures

Files

197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150
.exe windows x86

35690a7a9675f33d272f4eb5eb24e8b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA

user32

KillTimer

gdi32

TextOutW

comdlg32

GetFileTitleW

winspool.drv

GetJobW

advapi32

RegEnumKeyW

shell32

DragFinish

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleTranslateAccelerator

oleaut32

SysFreeString

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 367KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy