MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 99f655edc7461d466cfafb1c823010094070ab02e259a796859ca1a9e0cbe04e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Dridex


Vendor detections: 4



SHA256 hash: 99f655edc7461d466cfafb1c823010094070ab02e259a796859ca1a9e0cbe04e
SHA3-384 hash: 9edcdabb978692f73dc7f7abd2f4678110eb2906b5d355073b0c0ee85f9d5aebdf5af78f88ffc6ebf7f90a1568d80678
SHA1 hash: b641485949bd208040f8768b1ef07c030b9fd8e8
MD5 hash: 3cc6653fb79acd2ae8a7df2208f0f4bd
humanhash: august-ten-beer-mountain
File name: 99f655edc7461d466cfafb1c823010094070ab02e259a796859ca1a9e0cbe04e
Signature: Dridex
File size: 316'829 bytes
First seen: 2020-11-06 00:51:39 UTC
Last seen: Never
File type: dll
MIME type: application/x-dosexec
ssdeep: 6144:S3s9vfpA09TUZiYWpcl8Yte2YMnnWZI8VQ3SSOED1nUmhMwHpId7V:Sc9vDhUZiYWpcl80YMnv3YERntMwHpqV
Threatray: 34 similar samples on MalwareBazaar
TLSH: 01646B06FAC40EB7C9CB2176C46911778377EE9507A5FA0357B9B948DAB13E53B30A02
Reporter: seifreed
Tags: Dridex

Intelligence


File Origin
# of uploads: 1
# of downloads: 60
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:
Behaviour: Sending a UDP request
Threat name: Win32.Infostealer.Dridex
Status: Malicious
First seen: 2020-11-01 14:03:01 UTC
AV detection: 17 of 29 (58.62%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour: Suspicious use of WriteProcessMemory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
