Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e99fc721d12aa6b00f8bb58c1ebb7a7a6a8a156757a68be3e071a0cb49ce7382

  • Size

    4.1MB

  • Sample

    231113-mtx7nscb61

  • MD5

    f35727760b1c7c625c7972e67267c956

  • SHA1

    c44246e010902ba95c1d122a88032cc3ed7f792b

  • SHA256

    e99fc721d12aa6b00f8bb58c1ebb7a7a6a8a156757a68be3e071a0cb49ce7382

  • SHA512

    6e77bb6601762714c4c8a536066607c1da451f08b01a7b820272361923a916494369f7f6eb389c3339b5d9ce53cfb1ec63b387bf2d92a44e4f9e5da5f0df43b4

  • SSDEEP

    98304:l2ZIGA1T7oyz00rMTuY9Tg4EWKl5r1M2TRZUo:l2ZIdTcy5Y9k4fO5M2z

Score
10/10
gluptebadropperevasionloaderpersistenceupx

Malware Config

Targets

    • Target

      e99fc721d12aa6b00f8bb58c1ebb7a7a6a8a156757a68be3e071a0cb49ce7382

    • Size

      4.1MB

    • MD5

      f35727760b1c7c625c7972e67267c956

    • SHA1

      c44246e010902ba95c1d122a88032cc3ed7f792b

    • SHA256

      e99fc721d12aa6b00f8bb58c1ebb7a7a6a8a156757a68be3e071a0cb49ce7382

    • SHA512

      6e77bb6601762714c4c8a536066607c1da451f08b01a7b820272361923a916494369f7f6eb389c3339b5d9ce53cfb1ec63b387bf2d92a44e4f9e5da5f0df43b4

    • SSDEEP

      98304:l2ZIGA1T7oyz00rMTuY9Tg4EWKl5r1M2TRZUo:l2ZIdTcy5Y9k4fO5M2z

    Score
    10/10
    gluptebadropperevasionloaderpersistenceupx

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks