Overview

overview

8

Static

static

3

dridex

windows10-1703-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    e6552e098ab400c4ec6ae999e50e79d56f53dee4e5f44d77dd13e99a538d1913

  • Size

    1.4MB

  • Sample

    230801-r7qrzahf6z

  • MD5

    16c3d6345093f053ff7f3a946403661c

  • SHA1

    dc0e3b87769364bdc985688aaad8010409335d17

  • SHA256

    e6552e098ab400c4ec6ae999e50e79d56f53dee4e5f44d77dd13e99a538d1913

  • SHA512

    ba83fa6fc318ba32eb55852dbb0bf5d434b89758e4b7491cad5867bd1063b803660cad08f64cafeabc3f3d4a0625d2ed5b418103e5dc3538f621a5cde70f3690

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      e6552e098ab400c4ec6ae999e50e79d56f53dee4e5f44d77dd13e99a538d1913

    • Size

      1.4MB

    • MD5

      16c3d6345093f053ff7f3a946403661c

    • SHA1

      dc0e3b87769364bdc985688aaad8010409335d17

    • SHA256

      e6552e098ab400c4ec6ae999e50e79d56f53dee4e5f44d77dd13e99a538d1913

    • SHA512

      ba83fa6fc318ba32eb55852dbb0bf5d434b89758e4b7491cad5867bd1063b803660cad08f64cafeabc3f3d4a0625d2ed5b418103e5dc3538f621a5cde70f3690

    • SSDEEP

      24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

    Score
    8/10
    evasionupx

    • Modifies Windows Firewall

      evasion

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks