General

  • Target

    11218ceaec0c1912484ab82a42e4de2a404330163a0aea0af1ec0d48e16d8a46

  • Size

    1.4MB

  • Sample

    230802-3zqb1sad65

  • MD5

    cd04bf14cf043021aa88fcbbca92c817

  • SHA1

    33236b17a7749e6d936ace712b04e8e497392b4b

  • SHA256

    11218ceaec0c1912484ab82a42e4de2a404330163a0aea0af1ec0d48e16d8a46

  • SHA512

    054d7798f2d0ecf31a48b4ee614391951a4938bac2b1a3d64d8c0bc5366028d6273fa12f1b39858021c82a404eb344ee508dccdedff4bccca0e8e3fada0ae3e9

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10

Malware Config

Targets

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
