ioc[.]one - OSINT Cyber Threat Intelligence Database

Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta

Tags

attack-pattern:

Data Client Configurations - T1592.004 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	dfa615b9-c1de-42e5-b9f7-4df346343315
Fingerprint	c4118c9be4b79edd
Analysis status	DONE
Considered CTI value	0
Text language
Published	May 28, 2020, 10:59 a.m.
Added to db	Oct. 9, 2022, 4:15 p.m.
Last updated	Nov. 12, 2024, 11:53 a.m.
Headline	Vulnerability Information
Title	Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta
Detected Hints/Tags/Attributes	37/1/19

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2020/05/dynamic-data-resolver-1-0.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	CTI	Value
Details	File	4		drrun.exe
Details	File	2		ddr_server.py
Details	File	2		ddr64.dll
Details	File	1		buffertest.exe
Details	File	1		sample_config.cfg
Details	File	2		ddr_installer.py
Details	File	1		ddr_processtrace.txt
Details	File	1		testsample2_64.exe
Details	File	21		write.exe
Details	File	90		wordpad.exe
Details	File	2		evilmalware.exe
Details	File	380		notepad.exe
Details	File	1		ddr_threads_evilmalware.exe
Details	File	1		_1368.txt
Details	File	1		trace_tmp_b4ab561a5a8a53e262c3d09738ffbfa3_evilmalware.exe
Details	File	1		_1368.json
Details	File	1		_1368_apicalls.json
Details	File	1		testsample2.exe
Details	File	1		_apicalls.json