General

  • Target

    e668c1bc5a91ed018f95a8dc3c12e0069a09582902a2ea0a70d1be61c5f554c7

  • Size

    1.4MB

  • Sample

    230806-tx7nvabb37

  • MD5

    73cfe539373477efa6c3c60cc3edd622

  • SHA1

    fd4501706c053d18ce6ac03fceee3ba9cd2272fd

  • SHA256

    e668c1bc5a91ed018f95a8dc3c12e0069a09582902a2ea0a70d1be61c5f554c7

  • SHA512

    87d0c6c9ba3d9d95dc7e37139187bd338484fb57ef060c771b7ce9e2216df30b41d2e14f5aa6909c80638d012580107815c0dda87e4f5a6570905f46282ce34c

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10

Targets

    • Target

      e668c1bc5a91ed018f95a8dc3c12e0069a09582902a2ea0a70d1be61c5f554c7

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
