Overview

overview

8

Static

static

3

dridex

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df5d7d87268ff1f459d0daeafd2e88d71c0083a487d4510c01c3b76914edc0d0

  • Size

    1.4MB

  • Sample

    230801-vanswsag5z

  • MD5

    094ac45d103e56485528b24c33a78521

  • SHA1

    147bd3b68243e529d5a1bcc1cb047e036dc6e5da

  • SHA256

    df5d7d87268ff1f459d0daeafd2e88d71c0083a487d4510c01c3b76914edc0d0

  • SHA512

    745349e3845fe137a04d1664b1c885305c330f815c947268785691af2a2f6323c92bb6cb6529cef29a14c6339f4d83db5ca51fea70f7e33eab3a6d371d4d9ae7

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      df5d7d87268ff1f459d0daeafd2e88d71c0083a487d4510c01c3b76914edc0d0

    • Size

      1.4MB

    • MD5

      094ac45d103e56485528b24c33a78521

    • SHA1

      147bd3b68243e529d5a1bcc1cb047e036dc6e5da

    • SHA256

      df5d7d87268ff1f459d0daeafd2e88d71c0083a487d4510c01c3b76914edc0d0

    • SHA512

      745349e3845fe137a04d1664b1c885305c330f815c947268785691af2a2f6323c92bb6cb6529cef29a14c6339f4d83db5ca51fea70f7e33eab3a6d371d4d9ae7

    • SSDEEP

      24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

    Score
    8/10
    evasionupx

    • Modifies Windows Firewall

      evasion

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks