Overview

overview

7

Static

static

3

dridex

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/05/2023, 09:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b18f86783d753ea2013dd416a20d356687ff64614319dfccde3f1955f6da9835.exe

  • Size

    367KB

  • MD5

    b110ae15ab724a31f1b49206defd5e0b

  • SHA1

    2a3ec7b940f4c311041154d5606324693528d741

  • SHA256

    b18f86783d753ea2013dd416a20d356687ff64614319dfccde3f1955f6da9835

  • SHA512

    571b6dcfcc8812295082788573133e20cc1340b7e7be6720d53016a9e614b99fb4fdcf8e1f1ac4f32f9467ffd6dbd2b75c2751f58623152b1b9bfe0b4eab7b21

  • SSDEEP

    6144:6FCu6PwKRJiQjnsqyQb710KtPfcl2v00g8Y7MZ:lu6P7DsqMecl280gPY

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\b18f86783d753ea2013dd416a20d356687ff64614319dfccde3f1955f6da9835.exe
    "C:\Users\Admin\AppData\Local\Temp\b18f86783d753ea2013dd416a20d356687ff64614319dfccde3f1955f6da9835.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1452

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1452-134-0x0000000002340000-0x000000000237E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1452-135-0x0000000004F40000-0x0000000004F50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1452-136-0x0000000004F50000-0x00000000054F4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1452-137-0x0000000007880000-0x0000000007E98000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/1452-138-0x0000000004F40000-0x0000000004F50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1452-139-0x0000000004F40000-0x0000000004F50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1452-140-0x0000000007F10000-0x0000000007F22000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1452-141-0x0000000007F30000-0x000000000803A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1452-142-0x0000000008040000-0x000000000807C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/1452-143-0x0000000004F40000-0x0000000004F50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1452-144-0x0000000008250000-0x00000000082B6000-memory.dmp

    Filesize

    408KB

    Download

  • memory/1452-145-0x0000000008AF0000-0x0000000008B82000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1452-146-0x0000000008BE0000-0x0000000008C56000-memory.dmp

    Filesize

    472KB

    Download

  • memory/1452-147-0x0000000008CC0000-0x0000000008E82000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/1452-148-0x0000000008E90000-0x00000000093BC000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/1452-149-0x00000000094C0000-0x00000000094DE000-memory.dmp

    Filesize

    120KB

    Download

  • memory/1452-151-0x0000000000400000-0x00000000006D9000-memory.dmp

    Filesize

    2.8MB

    Download