Overview

overview

6

Static

static

3

dridex

windows10-1703-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

  • Size

    1.7MB

  • Sample

    230501-tltb3sdc81

  • MD5

    c726a4eba148b17c9ccf3692fbc90701

  • SHA1

    52d203ff30f7a23fdc4cb45caa2efa40324a43d9

  • SHA256

    9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

  • SHA512

    8499f446c1a7ae0f52f75e61073c916e2531f09b4cf7fc133c63b874d3c42a5cddc280f8b9b9d1be038c6bb789e763213c8d0a1e27add3796cb3a46523ea707e

  • SSDEEP

    49152:rbwfYXOdg8BnGyKkv6dfaAHYgDJY2Zuqz1:rs7sf

Score
6/10
spyware

Malware Config

Targets

    • Target

      9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

    • Size

      1.7MB

    • MD5

      c726a4eba148b17c9ccf3692fbc90701

    • SHA1

      52d203ff30f7a23fdc4cb45caa2efa40324a43d9

    • SHA256

      9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

    • SHA512

      8499f446c1a7ae0f52f75e61073c916e2531f09b4cf7fc133c63b874d3c42a5cddc280f8b9b9d1be038c6bb789e763213c8d0a1e27add3796cb3a46523ea707e

    • SSDEEP

      49152:rbwfYXOdg8BnGyKkv6dfaAHYgDJY2Zuqz1:rs7sf

    Score
    6/10
    spyware

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks