MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Dridex

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd
SHA3-384 hash:	16a40f02f96ac8de9bdaf6c578885b4cc1e482c887d05d1e8c2e53e37b614c6d138020659f7bc88d46067f2dd681d800
SHA1 hash:	126f8b501b94fd623e5d79001af70a0e9eb78033
MD5 hash:	88b8438400a22f5a648e75a6a53d51be
humanhash:	skylark-jig-asparagus-happy
File name:	88b8438400a22f5a648e75a6a53d51be.dll
Download:	download sample
Signature	Dridex Create hunting rule
File size:	710'726 bytes
First seen:	2021-01-29 08:32:28 UTC
Last seen:	2021-01-29 10:54:49 UTC
File type:	dll
MIME type:	application/x-dosexec
ssdeep	12288:ASts0Ljpezsf/Lrxn9AiQwvM8hZDgh6cVBsepVEsY7/ICmco0ADXET:HtrszsHxfjv7Dg1Dc7/IxET
Threatray	8 similar samples on MalwareBazaar
TLSH	61E4E161BDD0E479E76E22304C16DCBA026ABC0416BEFC6F32DE2D5F15B2262F116794
Reporter	abuse_ch
Tags:	dll Dridex

Intelligence

File Origin

# of uploads :

2

# of downloads :

150

Origin country :

n/a

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/114661/

Detection(s):

SecuriteInfo.com.Trojan.Dridex.735.11526.9397.UNOFFICIAL

Result

Verdict:

Malware

Maliciousness:

Behaviour

Sending a UDP request

Result

Threat name:

Unknown

Detection:

malicious

Classification:

n/a

Score:

48 / 100

Link:

https://www.joesandbox.com/analysis/593666

Signature

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd/

Threat name:

Win32.Infostealer.Dridex

Status:

Malicious

First seen:

2021-01-27 08:50:29 UTC

AV detection:

11 of 46 (23.91%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=o5zuzgdf7uy3gviumijg3qttq53vxi5jnhwbznfwzh6m6rooipoq._file

Verdict:

unknown

Similar samples:

08859ac4f1ffc2f704daef2a26e05b4f36c93ac54f2288f0c00f15395819f36a

26bf46b79aeb7775dbf7ccef58f5becb631ac14591ec9e1cdad6962600db5bc6

3492d7a110e1745ed6c308da51de7b141e800febd2f62cf8d2797bffa694665b

77d877ee5c36b18049942136221236b2f650080bf3dd7ca883bcb00ba9582d18

7f74994cfed1a06818e7083a8d1f462065a21d23d742e59ff0a9a66a6bf93bf5

81222472b041091fc7af2308fee853b197d8b6dd0010dada181c153998535dd0

b6cf019dca618ebc676b84c40846e0a9a2050689b35845af2f12a93442fb25e8

cc242ab99ab6100dcdc98f004f26041fdd5b67015630d73bff76b03a3d2d607f

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/210129-svzrb11p86/

Behaviour

Suspicious use of WriteProcessMemory

Unpacked files

SH256 hash:

77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd

MD5 hash:

88b8438400a22f5a648e75a6a53d51be

SHA1 hash:

126f8b501b94fd623e5d79001af70a0e9eb78033

Link:

https://www.unpac.me/results/5dbd39eb-7741-4a02-a933-86368be97457/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

DLL dll 77734c9865fd31b3551462126dc27387775ba3a969ec1cb4b6c9fccf45ce43dd

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/979205/

Delivery method

Distributed via web download

Cape

Cape

https://www.capesandbox.com/analysis/114661/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample