General

  • Target

    e631703a63b03d0bbfe15f325a4031e11ee2780133e8e1661c9aba941e20f46c

  • Size

    207KB

  • Sample

    230601-pp2qeaeb98

  • MD5

    06d21764ffefdde86399f67dd3d66bb5

  • SHA1

    8d7539405ce4d66798842204a67439bb20f987a1

  • SHA256

    e631703a63b03d0bbfe15f325a4031e11ee2780133e8e1661c9aba941e20f46c

  • SHA512

    5bc5746f961989e0f9f0d987a30b904155f65851fec69766af8a20be5bda0cf92501ed8d16bb82b358a2125781446c26d6fa7ae56974992d074ba44414a574f2

  • SSDEEP

    3072:BXj4RWcZH1Pc6bRdL1OI5XrlZGjliC/MGdLJD5bK6gz:lzMk6bj1OYXPKiCkGdjK

Malware Config

Extracted

Family

stealc

C2

http://publisherget.top/410b5129171f10ea.php

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
