General

  • Target

    f90b43c1b194325aabb4154018157d85f8bbc7ec4500c7973a95c5a3098a321a

  • Size

    1.4MB

  • Sample

    230801-helswadh68

  • MD5

    44ccb7f9cc0535d1f0939f8d22e191af

  • SHA1

    b27bf55d02b1b9f7ee4a8c298c82468828bf51a5

  • SHA256

    f90b43c1b194325aabb4154018157d85f8bbc7ec4500c7973a95c5a3098a321a

  • SHA512

    ad0e037e8ef8bd643c4f1ce47af3c541f2ce46ca02f45518f02ea3d63f69b4d49f642358f78750337f6636111be66b36487762b3587dc897beeef6229a56a4c6

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10

Targets

    • Target

      f90b43c1b194325aabb4154018157d85f8bbc7ec4500c7973a95c5a3098a321a

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.
