b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

dridex

windows10-1703-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1
Size

1.4MB
Sample

230801-v2qfssbb9v
MD5

6f6e824f7889c7d657bc6f102afabc32
SHA1

e91e06b758087af182282f6e6c01f1b2ebe76087
SHA256

b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1
SHA512

1f062ab0da4f82f41d69da27324e261c16c0eb527198c2f2d32704bbb9b669595bb80401a32a1f8fd970c0b31a428c09d751e66c7e3d706b89b03f3b7d4dd5ef
SSDEEP

24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score

8^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1.exe

Resource

win10-20230703-en

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1
- Size
  
  1.4MB
- MD5
  
  6f6e824f7889c7d657bc6f102afabc32
- SHA1
  
  e91e06b758087af182282f6e6c01f1b2ebe76087
- SHA256
  
  b95e6297118aca0332c4dac5c6e776e71cbcdd78a30bb0f59f754d32bd4e1fb1
- SHA512
  
  1f062ab0da4f82f41d69da27324e261c16c0eb527198c2f2d32704bbb9b669595bb80401a32a1f8fd970c0b31a428c09d751e66c7e3d706b89b03f3b7d4dd5ef
- SSDEEP
  
  24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Score

8^/10

evasion upx
- Modifies Windows Firewall
  evasion
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy