General

  • Target

    1c6cded097fd10f5863001a0da63b107b16551c17113beaa3c5ec0bb62aa13fc

  • Size

    1.4MB

  • Sample

    230731-25lqcach2s

  • MD5

    72cfc6198e08736cb587bad84491be59

  • SHA1

    3d7687588355e0e84fe4bd1011b29f22cce671b4

  • SHA256

    1c6cded097fd10f5863001a0da63b107b16551c17113beaa3c5ec0bb62aa13fc

  • SHA512

    4179c6146f8997478c8ab8339d0cd11981c911ce355331572f9522c58bb4af796b9f4431f902c00e823440bbfc3ba96009157084098e2981f22ab98346b6df19

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10

Targets

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.
