Overview

overview

7

Static

static

3

dridex

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f

  • Size

    7.0MB

  • Sample

    230526-nlv8safb94

  • MD5

    04a61b0ee9db0c48d5f3e4d56695c544

  • SHA1

    3d3a3d2fa8ce824087fbadb2c02336887bae8fd0

  • SHA256

    9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f

  • SHA512

    86b371e82b1e59cd3dba4f1dd1694c705f1bff996e362e654af4ed2c850e00b6f7b6f27e1a4de62a477b1471b49eef5b0e8f937e28624ec5648ef4e47201d1b1

  • SSDEEP

    98304:C8j4sQ4jTC9zKcIyAPIvRnKqeZWQgh8PnmFVpCRxrZaTubplO2FOYS:1j+PIyDoBY8mFzhTkplO2F0

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f

    • Size

      7.0MB

    • MD5

      04a61b0ee9db0c48d5f3e4d56695c544

    • SHA1

      3d3a3d2fa8ce824087fbadb2c02336887bae8fd0

    • SHA256

      9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f

    • SHA512

      86b371e82b1e59cd3dba4f1dd1694c705f1bff996e362e654af4ed2c850e00b6f7b6f27e1a4de62a477b1471b49eef5b0e8f937e28624ec5648ef4e47201d1b1

    • SSDEEP

      98304:C8j4sQ4jTC9zKcIyAPIvRnKqeZWQgh8PnmFVpCRxrZaTubplO2FOYS:1j+PIyDoBY8mFzhTkplO2F0

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks