Overview

overview

7

Static

static

3

dridex

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-08-2023 19:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2133632b53082d2f8f5a9f529554d52073f827b28570d76527e13760f62699af.exe

  • Size

    459KB

  • MD5

    67437615779e67c4c52c7fa423443229

  • SHA1

    3ac5ddccee25a53edfe498f4aca5eb8aed3e06d7

  • SHA256

    2133632b53082d2f8f5a9f529554d52073f827b28570d76527e13760f62699af

  • SHA512

    fe48d2e887e5a7196908d6376c780355d9003543aed0b80c1740ae76df6e5652f13062a9ffd630216f6b98983ffe9b271d34ed90cdb84624833b735182ab2325

  • SSDEEP

    6144:bgClxQ1+sBMqQjgVV5JmPxdHO43CkNkGNs0xXTApotH9Vf2SFNn:sqxQ1+sxQjWXonMkhxcpAH9NF

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
    spyware
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2133632b53082d2f8f5a9f529554d52073f827b28570d76527e13760f62699af.exe
    "C:\Users\Admin\AppData\Local\Temp\2133632b53082d2f8f5a9f529554d52073f827b28570d76527e13760f62699af.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4712-0-0x00000000025D0000-0x000000000260B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/4712-1-0x00000000040E0000-0x0000000004130000-memory.dmp

    Filesize

    320KB

    Download

  • memory/4712-2-0x0000000000400000-0x0000000002461000-memory.dmp

    Filesize

    32.4MB

    Download

  • memory/4712-3-0x0000000004520000-0x0000000004530000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4712-4-0x0000000006BB0000-0x0000000007154000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4712-5-0x0000000074C30000-0x00000000753E0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4712-6-0x00000000096D0000-0x0000000009762000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4712-7-0x0000000004520000-0x0000000004530000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4712-8-0x0000000009900000-0x000000000990A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4712-9-0x0000000009D40000-0x000000000A358000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/4712-10-0x00000000099B0000-0x00000000099C2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4712-11-0x00000000099D0000-0x0000000009ADA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4712-12-0x0000000009AE0000-0x0000000009B1C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/4712-13-0x000000000A360000-0x000000000A3C6000-memory.dmp

    Filesize

    408KB

    Download

  • memory/4712-14-0x000000000AC20000-0x000000000AC96000-memory.dmp

    Filesize

    472KB

    Download

  • memory/4712-15-0x000000000ACF0000-0x000000000AEB2000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/4712-17-0x000000000AED0000-0x000000000B3FC000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/4712-18-0x000000000B500000-0x000000000B51E000-memory.dmp

    Filesize

    120KB

    Download

  • memory/4712-16-0x0000000000400000-0x0000000002461000-memory.dmp

    Filesize

    32.4MB

    Download

  • memory/4712-19-0x00000000025D0000-0x000000000260B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/4712-20-0x00000000040E0000-0x0000000004130000-memory.dmp

    Filesize

    320KB

    Download

  • memory/4712-22-0x0000000074C30000-0x00000000753E0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4712-23-0x0000000000400000-0x0000000002461000-memory.dmp

    Filesize

    32.4MB

    Download