MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 07b339201b9b88b2f43d68584a102fe3c84ab0393e5869357c0b8d08367cc291. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Dridex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 07b339201b9b88b2f43d68584a102fe3c84ab0393e5869357c0b8d08367cc291
SHA3-384 hash: 6b86c6f261b8ae39e6d9a4f0055ad6e0888dc2099b8d9805b2a3e1c227f7f84c108ce2f45e01a3718304a17269aad29b
SHA1 hash: 5a0beac09972b7c7d8f474557b246a0fa68d1553
MD5 hash: c85ca5fd57411fa0bea7f67bf5b9331b
humanhash: blossom-kansas-delaware-venus
File name:B7M5IBubiLL0PWhYShAv48hKsDk_WGk1fAuNCDZ8wpE.bin
Download: download sample
Signature Dridex
Create hunting rule
File size:377'176 bytes
First seen:2020-06-17 12:19:12 UTC
Last seen:2020-06-17 15:23:29 UTC
File type:DLL dll
MIME type:application/x-dosexec
imphash 9592b2e3b7b325317ae83ec2fab73421 (1 x Dridex, 1 x ZLoader)
ssdeep 6144:p16pvAYpaqzQRlHQ+FjdJW44whAJJLQaq6Ix1QDlKIxc:piPpT6Q+w4uQaC1QDlKt
Threatray 63 similar samples on MalwareBazaar
TLSH 8384DF11B35F502FEC96677296B28B920D3AAC720E7C859AD68178FD28F0474A1317DF
Reporter Anonymous
Tags:Dridex

Code Signing Certificate

Organisation:MVRIKTPRSDUBLRMUTK
Issuer:MVRIKTPRSDUBLRMUTK
Algorithm:sha1WithRSA
Valid from:Jun 17 04:05:13 2020 GMT
Valid to:Dec 31 23:59:59 2039 GMT
Serial number: -6177841A06C5737EB3E9EFE58851C5F4
Intelligence: 2 malware samples on MalwareBazaar are signed with this code signing certificate
Thumbprint Algorithm:SHA256
Thumbprint: 834F0E313B473531ECFDA920931563D556B51B62997798F51C83D897CCA2B77E
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
4
# of downloads :
92
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Detection(s):
SecuriteInfo.com.Mal.Cerber-AL.11458.31800.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-17 12:35:46 UTC
File Type:
PE (Dll)
Extracted files:
35
AV detection:
23 of 30 (76.67%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=a6ztsia3toelf5b5nbmeuebp4peevmbzhzmgsnl4bogqqnt4ykiq._file
Verdict:
malicious
Similar samples:
11d14048cb74288cda1a77e860fb1a9f0b150e33f10080cce8f691c9c4e949e8
Dridex
3110ca3a3f271be4e055a24fb49ae3f35646cea6f99d356ea6672a3f705dcbb5
Dridex
4655c0216538f752dea2ce1649807d597cd83a935f1385bdd8f418616de97b68
Dridex
500be83e6624af2302e45bc91e026b776d72824cf84896839e03251c41394110
Dridex
5f68e13f8bf051e68782ba9f3d67555b3b8ca8d8b06b9d6b98c5c45c7217b1e3
Dridex
9bd1a0c0564ae97f2b7c62d392fe749fe2459e1b0f16e2aa0625547b411d1a7a
Dridex
af428d745dcd02eddb036ee2dbba01665b5331493ba16344f5fa1b0bb1aaa616
Dridex
df24b965e541f833d891035d6413afa250824f0961dcd6080732b175d3057495
Dridex
e894ace959ac95fda393105d2905b0668ad93781c04be83f9f41fdf38edc1cbc
Dridex
f8bcbdcee35ecafe53c58b8a35bf93db799e7a42136ecb7332d636745744c400
Dridex
+ 53 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/200624-v3kqxc6cga/
Behaviour
Suspicious use of WriteProcessMemory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Dridex

DLL dll 07b339201b9b88b2f43d68584a102fe3c84ab0393e5869357c0b8d08367cc291

(this sample)

  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/19528/

Comments