Analysis
- max time kernel: 75s
- max time network: 151s
- platform: windows10-2004_x64
- resource: win10v2004-20241007-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 22-12-2024 11:26
Behavioral task
- behavioral1
- Sample: 2020-04-14_20-25-01.exe
- Resource: win7-20240903-en
- 3 signatures
- 150 seconds
General
- Target: 2020-04-14_20-25-01.exe
- Size: 260KB
- MD5: 8a988984d3a01e7462c7db414247f3ca
- SHA1: 95dc47b625c5ae8b165658cc24bcaec136faf479
- SHA256: afb5161c6f1903013a24a6fcd3b39210df5025f776ea7c35ebc8911fef8e1cca
- SHA512: b59b64af284f697da946df3b09f8e9bd7e84bc924c07e33db1b07d470724e3bf437b2907bd226ee249afe84f646948d71613c782ffdadee2af3c02021ad24274
- SSDEEP: 3072:5oov7ySiyJKOhHlUZeJnmhwEIRcAF09LQmnddpWuNWQVKLKWNe9XTAKjb9DKwjzC:7yDyJKOhHeL6RhS9LJuQeKWwrb9nr624
Malware Config
Extracted
- Family: dridex
- Botnet: 10111
- C2:
  - 5.45.179.186:443
  - 54.38.143.246:691
  - 159.65.79.173:3886
  - 153.122.13.133:1443
- rc4.plain
- rc4.plain
Signatures
- Dridex family
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  - Description: Key opened
  - IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  - Process: 2020-04-14_20-25-01.exe