b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b | Triage

Submit
Reports

Overview

overview

8

Static

static

3

dridex

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b
Size

1.4MB
Sample

230802-ad8bgsbh23
MD5

e77c02e0ea2b35aeb97c572ce9ef0b54
SHA1

9b5f4d22c526f90cdb86c9e29dacdda46c74a0db
SHA256

b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b
SHA512

6b4fadaca6c2616816b55ff3f2f44c85f16c7b4474e88b4cb7861847796bd16fdf681a0855bf03aa99090b6f5882a962e089a5c9e1f7583aa689a698f9ad66cb
SSDEEP

24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score

8^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b
- Size
  
  1.4MB
- MD5
  
  e77c02e0ea2b35aeb97c572ce9ef0b54
- SHA1
  
  9b5f4d22c526f90cdb86c9e29dacdda46c74a0db
- SHA256
  
  b33a0e9c2e09064d89e3da2344bfd32fe889b9756d2a85a5cd57c8d02490236b
- SHA512
  
  6b4fadaca6c2616816b55ff3f2f44c85f16c7b4474e88b4cb7861847796bd16fdf681a0855bf03aa99090b6f5882a962e089a5c9e1f7583aa689a698f9ad66cb
- SSDEEP
  
  24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Score

8^/10

evasion upx
- Modifies Windows Firewall
  evasion
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy