MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 99dc052f25dc04623e6479983c2753147da72578bb5bce0966b0d5bfff6a3c2b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 99dc052f25dc04623e6479983c2753147da72578bb5bce0966b0d5bfff6a3c2b
SHA3-384 hash: a3ad019bed13f526f395ce886909c4b0ac23316b2ab942f7847d7df3cea8030b80bb7ce7cd7e9ac764064fd1dbb6d25a
SHA1 hash: f8f6380ba33d0b37324a104107b217dec1acff1c
MD5 hash: e28705d10a3d2618b603f01dff1f7f5c
humanhash: virginia-uniform-nuts-emma
File name: SecuriteInfo.com.Trojan.Dridex.735.21505.13800
File size: 138'800 bytes
First seen: 2021-01-21 17:25:14 UTC
Last seen: Never
File type: dll
MIME type: application/x-dosexec
ssdeep: 3072:ZxjbI13ke8V5mPZq46NE1MNOa3Xri5hVHPkk7k75Ova7VujXENlpBb:ZRIRmZlAY93XOVHPkk7eoaVuQpb
Threatray: 2 similar samples on MalwareBazaar
TLSH: 4CD3BF60FCA1E468D75C23744C9AECBD0192FC45979AFE8F32DE1E4B51A0A93F457284
Reporter: SecuriteInfoCom

Intelligence


File Origin
# of uploads: 1
# of downloads: 117
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:
Behaviour: Sending a UDP request

Result
Verdict: MALICIOUS
Details
Windows PE Executable: Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Result
Threat name: Unknown
Detection: clean
Classification: n/a
Score: 3 / 100
Behaviour
Behavior Graph: n/a

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour: Suspicious use of WriteProcessMemory
Unpacked files
SHA256 hash: 99dc052f25dc04623e6479983c2753147da72578bb5bce0966b0d5bfff6a3c2b
MD5 hash: e28705d10a3d2618b603f01dff1f7f5c
SHA1 hash: f8f6380ba33d0b37324a104107b217dec1acff1c
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments