Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f3b72a3a341cdf56bf86510e5d0b77c674520c2740026530319166f553a60234

  • Size

    1.1MB

  • Sample

    231001-2pfjdsec51

  • MD5

    8ce00e04e96c6d014d7da3235ebc085f

  • SHA1

    267ab6afdf8a292e9e12f0753f2138d3dab40c1b

  • SHA256

    f3b72a3a341cdf56bf86510e5d0b77c674520c2740026530319166f553a60234

  • SHA512

    25da9b75a8dac474cf8c422043f1d1729ebe886af0fe22b562be6a0131f296e55700552274d79a3bd340b7212c294e43b8f59cb6bf38878b0ea3b82c8be9ae55

  • SSDEEP

    24576:uy49W2NsypNCSQSIY0Wr2o+hJQrppDHPOWx3Vw+n:94Q2NgSQS//2PJQ1pbmWH

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      f3b72a3a341cdf56bf86510e5d0b77c674520c2740026530319166f553a60234

    • Size

      1.1MB

    • MD5

      8ce00e04e96c6d014d7da3235ebc085f

    • SHA1

      267ab6afdf8a292e9e12f0753f2138d3dab40c1b

    • SHA256

      f3b72a3a341cdf56bf86510e5d0b77c674520c2740026530319166f553a60234

    • SHA512

      25da9b75a8dac474cf8c422043f1d1729ebe886af0fe22b562be6a0131f296e55700552274d79a3bd340b7212c294e43b8f59cb6bf38878b0ea3b82c8be9ae55

    • SSDEEP

      24576:uy49W2NsypNCSQSIY0Wr2o+hJQrppDHPOWx3Vw+n:94Q2NgSQS//2PJQ1pbmWH

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks