Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    593b513efb392a8b87615db0ac703fb1b0e161774fe807b1da53acd648c84c77

  • Size

    994KB

  • Sample

    231001-e6k4waha6z

  • MD5

    c837bac079cf86d34f7f96a1daaa6dd6

  • SHA1

    e00bec5b6474410f73f57d48b2e1315f1e3361a8

  • SHA256

    593b513efb392a8b87615db0ac703fb1b0e161774fe807b1da53acd648c84c77

  • SHA512

    a783ada65b794e6133851c82178f4830744651057dcff4e5205894627240a8f15c7947f58474c97bc267e16d57e7638b990ee107d6c69dae93401a0e71d6a3b8

  • SSDEEP

    24576:FypIpBLU1d+RUkfi2tjuQqRnhlFM0kaygx:gSBU+RUka2AlhleC

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      593b513efb392a8b87615db0ac703fb1b0e161774fe807b1da53acd648c84c77

    • Size

      994KB

    • MD5

      c837bac079cf86d34f7f96a1daaa6dd6

    • SHA1

      e00bec5b6474410f73f57d48b2e1315f1e3361a8

    • SHA256

      593b513efb392a8b87615db0ac703fb1b0e161774fe807b1da53acd648c84c77

    • SHA512

      a783ada65b794e6133851c82178f4830744651057dcff4e5205894627240a8f15c7947f58474c97bc267e16d57e7638b990ee107d6c69dae93401a0e71d6a3b8

    • SSDEEP

      24576:FypIpBLU1d+RUkfi2tjuQqRnhlFM0kaygx:gSBU+RUka2AlhleC

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks