Analysis
max time kernel: 149s
max time network: 132s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 17/01/2024, 22:12

Static task: static1 (1 signatures)
Behavioral task: behavioral1
Sample: 63be406137697ac6923526a603332cc4.exe
Resource: win7-20231215-en (3 signatures, 150 seconds)
General
Target: 63be406137697ac6923526a603332cc4.exe
Size: 1.1MB
MD5: 63be406137697ac6923526a603332cc4
SHA1: 71c371d49480b84f8f0e3daeedac18fc10db3818
SHA256: 7e0f3ecfa8717937589525bfd93d65a491c66aec8e13335626e886c88a6ed04c
SHA512: a40d0fb3609ec2c1fb01dcd5acd80d36f61d18008889304d546c621934105f6d06912d198034faa662cb8db77dd55f6c74e3d2c16d9567c53bd8b11c306b7cb8
SSDEEP: 12288:xM+ZdkmHubeaCo6Lga1w2A/sUQBJ8gvp:xMcpTo6sg+0BO0
Malware Config
Extracted
Family: dridex
Botnet: 10111
C2:
  177.52.173.20:9043
  192.100.170.1:10172
  166.62.103.55:7443
rc4.plain
rc4.plain
Signatures
Checks installed software on the system (1 TTPs)
Looks up Uninstall key entries in the registry to enumerate software on the system.

description         ioc                                                                                     Process
Key value queried   \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA   63be406137697ac6923526a603332cc4.exe