33.0.0 White Diamond
IR
510707
CloudBasic
05:21:41
28/10/2021
SecuriteInfo.com.Variant.Razy.980776.18296.11433
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
f9089433cce6fd7f480d5e7335190ef5
0ca2bb79d7b1646f56a18ff24fa0014952455597
7ee50b399b3fde0db3369c94b06e341db931748740da0c96ba4a14db3fbe50ef
Win32 Dynamic Link Library (generic) (1002004/3) 99.60%
true
false
false
false
84
0
100
5
0
5
false
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
false
Found malware configuration
Yara detected Dridex unpacked file
Multi AV Scanner detection for submitted file
System process connects to network (likely due to code injection or exploit)
C2 URLs / IPs found in malware configuration
Detected Dridex e-Banking trojan