Trojan[.]Win64[.]Dridex[.]ABM[.]MTB-b221e9990a3e37c98a73e407516a06c0905a6f5cdfb04b0acadb49448c62edd2N

Sharing

Copy URL

Twitter E-mail

General

Target

Trojan.Win64.Dridex.ABM.MTB-b221e9990a3e37c98a73e407516a06c0905a6f5cdfb04b0acadb49448c62edd2N
Size

984KB
MD5

5b4ed52afad791ec0dc42503eb380110
SHA1

51da3175f1952b77a4cbe7d5f25651cebf663d13
SHA256

b221e9990a3e37c98a73e407516a06c0905a6f5cdfb04b0acadb49448c62edd2
SHA512

49814de8778b86ab5f79f03aa860db320fbf58975855740bd1306a67857256b1f360479a75ce7d0962102d7ffdb3f32d93084ac6ce66a190fa7091476f0ebcac
SSDEEP

12288:Ufndx6M581WsGRouyjzC6gn5l0H1Tak8jnGg/xeq7gz3xfsPEb4sk:+dAE81W381Wk8jnYz3dsPEb4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Trojan.Win64.Dridex.ABM.MTB-b221e9990a3e37c98a73e407516a06c0905a6f5cdfb04b0acadb49448c62edd2N

Files

Trojan.Win64.Dridex.ABM.MTB-b221e9990a3e37c98a73e407516a06c0905a6f5cdfb04b0acadb49448c62edd2N
.dll windows:5 windows x64 arch:x64

fdbfc15922661107ed7f5da4af8ccaba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

UrlUnescapeW
StrTrimW

mprapi

MprAdminInterfaceTransportAdd

mscms

AssociateColorProfileWithDeviceW

msvcrt

ldiv

gdi32

SetWindowExtEx
DeleteColorSpace
CreateMetaFileA
CreateDiscardableBitmap
CopyEnhMetaFileW
GetRegionData

rpcrt4

UuidIsNil
RpcBindingSetAuthInfoA

wininet

GetUrlCacheEntryInfoW

wintrust

CryptCATPutAttrInfo

setupapi

SetupLogErrorW
SetupDiSetSelectedDriverA

ole32

HICON_UserMarshal

netapi32

NetShareGetInfo

oleaut32

VarDateFromCy

kernel32

EnumTimeFormatsA
GetLastError
CloseHandle
QueueUserWorkItem
SetEvent
GetNLSVersion

Exports

Exports

AddGadgetMessageHandler
AddLayeredRef
AdjustClipInsideRef
AttachWndProcA
AttachWndProcW
AutoTrace
BeginHideInputPaneAnimation
BeginShowInputPaneAnimation
BuildAnimation
BuildDropTarget
BuildInterpolation
CacheDWriteRenderTarget
ChangeCurrentAnimationScenario
ClearPushedOpacitiesFromGadgetTree
ClearTopmostVisual
CreateAction
CreateGadget
CustomGadgetHitTestQuery
DUserBuildGadget
DUserCastClass
DUserCastDirect
DUserCastHandle
DUserDeleteGadget
DUserFindClass
DUserFlushDeferredMessages
DUserFlushMessages
DUserGetAlphaPRID
DUserGetGutsData
DUserGetRectPRID
DUserGetRotatePRID
DUserGetScalePRID
DUserInstanceOf
DUserPostEvent
DUserPostMethod
DUserRegisterGuts
DUserRegisterStub
DUserRegisterSuper
DUserSendEvent
DUserSendMethod
DUserStopAnimation
DUserStopPVLAnimation
DeleteHandle
DestroyPendingDCVisuals
DetachGadgetVisuals
DetachWndProc
DisableContainerHwnd
DllMain
DrawGadgetTree
EndInputPaneAnimation
EnsureAnimationsEnabled
EnsureGadgetTransInitialized
EnumGadgets
FindGadgetFromPoint
FindGadgetMessages
FindGadgetTargetingInfo
FindStdColor
FireGadgetMessages
ForwardGadgetMessage
FreeGdiDxInteropStagingBuffer
GadgetTransCompositionChanged
GadgetTransSettingChanged
GetActionTimeslice
GetCachedDWriteRenderTarget
GetDUserModule
GetDebug
GetFinalAnimatingPosition
GetGadget
GetGadgetAnimation
GetGadgetBitmap
GetGadgetBufferInfo
GetGadgetCenterPoint
GetGadgetFlags
GetGadgetFocus
GetGadgetLayerInfo
GetGadgetMessageFilter
GetGadgetProperty
GetGadgetRect
GetGadgetRgn
GetGadgetRootInfo
GetGadgetRotation
GetGadgetScale
GetGadgetSize
GetGadgetStyle
GetGadgetTicket
GetGadgetVisual
GetMessageExA
GetMessageExW
GetStdColorBrushF
GetStdColorBrushI
GetStdColorF
GetStdColorI
GetStdColorName
GetStdColorPenF
GetStdColorPenI
GetStdPalette
InitGadgetComponent
InitGadgets
InvalidateGadget
InvalidateLayeredDescendants
IsGadgetParentChainStyle
IsInsideContext
IsStartDelete
LookupGadgetTicket
MapGadgetPoints
PeekMessageExA
PeekMessageExW
RegisterGadgetMessage
RegisterGadgetMessageString
RegisterGadgetProperty
ReleaseDetachedObjects
ReleaseLayeredRef
ReleaseMouseCapture
RemoveClippingImmunityFromVisual
RemoveGadgetMessageHandler
RemoveGadgetProperty
ResetDUserDevice
ScheduleGadgetTransitions
SetActionTimeslice
SetAtlasingHints
SetGadgetBufferInfo
SetGadgetCenterPoint
SetGadgetFillF
SetGadgetFillI
SetGadgetFlags
SetGadgetFocus
SetGadgetFocusEx
SetGadgetLayerInfo
SetGadgetMessageFilter
SetGadgetOrder
SetGadgetParent
SetGadgetProperty
SetGadgetRect
SetGadgetRootInfo
SetGadgetRotation
SetGadgetScale
SetGadgetStyle
SetHardwareDeviceUsage
SetMinimumDCompVersion
SetRestoreCachedLayeredRefFlag
SetTransitionVisualProperties
SetWindowResizeFlag
UnregisterGadgetMessage
UnregisterGadgetMessageString
UnregisterGadgetProperty
UtilBuildFont
UtilDrawBlendRect
UtilDrawOutlineRect
UtilGetColor
UtilSetBackground
WaitMessageEx

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 524KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdbfc15922661107ed7f5da4af8ccaba

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

mprapi

mscms

msvcrt

gdi32

rpcrt4

wininet

wintrust

setupapi

ole32

netapi32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 524KB - Virtual size: 520KB

.data Size: 84KB - Virtual size: 82KB

.pdata Size: 4KB - Virtual size: 2KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 3KB

Size: 4KB - Virtual size: 954B

Size: 4KB - Virtual size: 1KB

Size: 8KB - Virtual size: 7KB

Size: 280KB - Virtual size: 276KB

Size: 4KB - Virtual size: 571B

Size: 4KB - Virtual size: 1022B

Size: 8KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 524KB - Virtual size: 520KB

.data
Size: 84KB - Virtual size: 82KB

.pdata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 3KB