MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d18d211cf75fbc048d785af92b76a1aa7a01e381313b1a5e66e9cf564cbe78d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Dridex


Vendor detections: 4



SHA256 hash: d18d211cf75fbc048d785af92b76a1aa7a01e381313b1a5e66e9cf564cbe78d4
SHA3-384 hash: b6a28e18ec7815498455aa93fbe0e905044088032da77cc57018603677bbc2584fc279506eb6250382b9be43450de5c0
SHA1 hash: 2539e653f36ed5a6fbf50a3631218923a9b8a512
MD5 hash: fcfa6cfa2c5e883d36c5252da68c7963
humanhash: kilo-ack-grey-fix
File name: lvkahex.exe
Signature: Dridex
File size: 217'088 bytes
First seen: 2020-07-13 16:06:35 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 1656aa7aa811a8db1ecbc8983c084712 (3 x Dridex)
ssdeep: 3072:03qD1yYw4tJhs6NDH4I4gRtthy4qrQwIP+U/SA/7Vhk9w+dpXXl4e:XZFwgsGDYgfthVllXSA/8pl4
Threatray: 415 similar samples on MalwareBazaar
TLSH: 45240276A2DD26A1E51AFE33B65B701F3A5056738323F4762A20D9B39D9D1850C3332B
Reporter: James_inthe_box
Tags: Dridex exe

Intelligence


File Origin
# of uploads: 1
# of downloads: 304
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Clean
Maliciousness:
Threat name: Win32.Infostealer.Dridex
Status: Malicious
First seen: 2020-07-13 15:58:34 UTC
File Type: PE (Exe)
AV detection: 26 of 29 (89.66%)
Threat level: 5/5

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
