General

  • Target

    fbc9019386c69eaccaa6f9a70c42b4d2abb0207ddd14264f43782b7ae0513fcb

  • Size

    352KB

  • Sample

    230418-gf3bksbe6w

  • MD5

    3a22fd84921f2945ca88b69c49cfb57a

  • SHA1

    feda4e1f3566f3d40835901d2f758a868c79c08d

  • SHA256

    fbc9019386c69eaccaa6f9a70c42b4d2abb0207ddd14264f43782b7ae0513fcb

  • SHA512

    b54d21f463cb675557353017e05a0ff8e32ac37dd27c1e0a1a6d5bcbb825c8e6a0549c15092c718359d96f7aba9e7467e0a25f3b4d16ef5e4d40c8e4b74c9c92

  • SSDEEP

    6144:34WXsaUBJfALoNjC8Ok6xFcOPk2FbbwCngtn2+j:346s5HfALo88OpbbRngFxj

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up entries under the Uninstall registry key to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks