Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    164255283eeb9b38d4be91e9216b2f09a103f9cc91fa108aec1d0d350ca6b053

  • Size

    1.1MB

  • Sample

    231007-gsfncabf94

  • MD5

    e7f29032f3b99cd587505f3878836186

  • SHA1

    fa11c85f1e661d93f4abc3ec8c1a776bcd8dea8a

  • SHA256

    164255283eeb9b38d4be91e9216b2f09a103f9cc91fa108aec1d0d350ca6b053

  • SHA512

    f7a9e7e8dc787871c6284b22a39bda8472356440e38e79b192e7bc50185de5409ac6fbe11457889fbaf237b92843dbe846f67aba2524ef4d0e9c4898e234936c

  • SSDEEP

    24576:VyWhQIAjgtadq7GPJ6xnIPMqRaCJmrk4Yu5AvQMrFJ:wWFAjitYJwI1gCJjPu5AI

Score
10/10
mysticevasionpersistencestealertrojan

Malware Config

Targets

    • Target

      164255283eeb9b38d4be91e9216b2f09a103f9cc91fa108aec1d0d350ca6b053

    • Size

      1.1MB

    • MD5

      e7f29032f3b99cd587505f3878836186

    • SHA1

      fa11c85f1e661d93f4abc3ec8c1a776bcd8dea8a

    • SHA256

      164255283eeb9b38d4be91e9216b2f09a103f9cc91fa108aec1d0d350ca6b053

    • SHA512

      f7a9e7e8dc787871c6284b22a39bda8472356440e38e79b192e7bc50185de5409ac6fbe11457889fbaf237b92843dbe846f67aba2524ef4d0e9c4898e234936c

    • SSDEEP

      24576:VyWhQIAjgtadq7GPJ6xnIPMqRaCJmrk4Yu5AvQMrFJ:wWFAjitYJwI1gCJjPu5AI

    Score
    10/10
    mysticevasionpersistencestealertrojan

    • Detect Mystic stealer payload

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks