General

  • Target

    29e61384c93096cafee84d5bcff5b4bd354bbfcfefe20e5ad03b53c9aee1a70c

  • Size

    483KB

  • Sample

    230414-l9ke3shd92

  • MD5

    42a3a01785ac6597bc4b843340065dca

  • SHA1

    a39903c489ab139da0a17ee74f64288424420c89

  • SHA256

    29e61384c93096cafee84d5bcff5b4bd354bbfcfefe20e5ad03b53c9aee1a70c

  • SHA512

    729118e5be5b4d2d5b476bf551cef695cf109a703697c1b4d3fbe6a498b7ac51eaf246859e8b253998b33f9b22d5f8ede6cdd6bc03eb0b669d02b8dd8db37e28

  • SSDEEP

    6144:PtZlz6dpdLXUJkn6NS/H34jUrJ5yrIkzGbnuMKcAXDguOZ4KZGMI9P3v/i:Vz6dpdoy6NS/ojoAOuMPAzMGMIp//i

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks