General

  • Target

    16d35a3d45ec0c680efcfe84be9ad1e9182134a4bcb36ce6d1343e81e5198c31

  • Size

    1.4MB

  • Sample

    230801-fk6n5add79

  • MD5

    55cf3dbe4e7578147ecb9e6191bd53d1

  • SHA1

    65a306c6a5b18a140f97bf33a8c5cee52c9efdf2

  • SHA256

    16d35a3d45ec0c680efcfe84be9ad1e9182134a4bcb36ce6d1343e81e5198c31

  • SHA512

    0572961a0fd26ccc933af4a667bf69414f280a5cf0b575e8fb7f91daeb84cac3f458a7a7721a22550544e694f4907a0be26c86b84a59b22715103ac04d9c821a

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Malware Config

Targets

    • Target

      16d35a3d45ec0c680efcfe84be9ad1e9182134a4bcb36ce6d1343e81e5198c31

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
