Overview

overview

8

Static

static

3

dridex

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    4aba0d68c9cdd294ad11236320542f65dd0449a3d6cd48e72f6587c1c335c8d9

  • Size

    1.4MB

  • Sample

    230801-hlnwtafb2w

  • MD5

    8eca98198e6b09350ab74151ac6e576b

  • SHA1

    85354b4e8e4a8131bcab7dbb8ef15da009697c3c

  • SHA256

    4aba0d68c9cdd294ad11236320542f65dd0449a3d6cd48e72f6587c1c335c8d9

  • SHA512

    0355fb168b4eb6969b3fea6886165a9145db1b4713e2df3d188c9db996c68e08e2340034a35adf67106ff14fcb1f22f2796227a2e99dfd4c58ab9f3a9b2ebef6

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      4aba0d68c9cdd294ad11236320542f65dd0449a3d6cd48e72f6587c1c335c8d9

    • Size

      1.4MB

    • MD5

      8eca98198e6b09350ab74151ac6e576b

    • SHA1

      85354b4e8e4a8131bcab7dbb8ef15da009697c3c

    • SHA256

      4aba0d68c9cdd294ad11236320542f65dd0449a3d6cd48e72f6587c1c335c8d9

    • SHA512

      0355fb168b4eb6969b3fea6886165a9145db1b4713e2df3d188c9db996c68e08e2340034a35adf67106ff14fcb1f22f2796227a2e99dfd4c58ab9f3a9b2ebef6

    • SSDEEP

      24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

    Score
    8/10
    evasionupx

    • Modifies Windows Firewall

      evasion

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks