6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460
Size

8.7MB
Sample

230508-j7arrahf25
MD5

ea29e1fa7ad43f88ed53dc2457c90714
SHA1

ec2e13e0e81cebd31ab8976fdf80097b2fa2691f
SHA256

6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460
SHA512

37f636d2a3cbb8b6fefe62b71d4f84ee055260884f5ad1e9ca884a610b60e91f6905b5a3e2b4f88fad93eeeacd3671835db9c337bfcfdce850e6225bb216107c
SSDEEP

196608:pUuaIPchIb++bc3WCtQTplBeKlQUkgpaIIqrV:BP+IdwcTMOQW6S

Score

10^/10

evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460.exe

Resource

win10-20230220-en

windows10-1703-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460
- Size
  
  8.7MB
- MD5
  
  ea29e1fa7ad43f88ed53dc2457c90714
- SHA1
  
  ec2e13e0e81cebd31ab8976fdf80097b2fa2691f
- SHA256
  
  6b1b9bc2b33d22077478bf6adc28b37c8d292656e569494eb666e347d602a460
- SHA512
  
  37f636d2a3cbb8b6fefe62b71d4f84ee055260884f5ad1e9ca884a610b60e91f6905b5a3e2b4f88fad93eeeacd3671835db9c337bfcfdce850e6225bb216107c
- SSDEEP
  
  196608:pUuaIPchIb++bc3WCtQTplBeKlQUkgpaIIqrV:BP+IdwcTMOQW6S
Score

10^/10

evasion
- Suspicious use of NtCreateProcessExOtherParentProcess
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Stops running service(s)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy