dridex | 69ee26ba2019f4cc30752f00a815a726795c8e898edffe739daa6e84e6c41ac2 | Triage

Submit
Reports

Overview

overview

Static

static

bjsdke.exe

windows7_x64

bjsdke.exe

windows10_x64

Resubmissions

06-08-2020 16:19

200806-87rg3sqsrs 10

15-07-2020 16:03

200715-ae9zc2cata 1

Sharing

General

Target

bjsdke.exe
Size

208KB
Sample

200806-87rg3sqsrs
MD5

d6902c0c63c7360b20636fbf082f5dcc
SHA1

1d1844668a175b1d85f31732331827ff77cb79c4
SHA256

69ee26ba2019f4cc30752f00a815a726795c8e898edffe739daa6e84e6c41ac2
SHA512

438ec4859ff4b7d2ce06f6025719f8cd1de1c01a2a7404e73c0f8dce66d1e545e0c2846cabc7cfc5ae2eb1f2ec7e1cc1a08688899f58fecc159067769428f90a

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

bjsdke.exe

Resource

win7v200722

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bjsdke.exe

Resource

win10

dridex 40400 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

59.148.253.194:443

207.180.230.218:3389

2.58.16.87:8443

rc4.plain

rc4.plain

Targets

- Target
  
  bjsdke.exe
- Size
  
  208KB
- MD5
  
  d6902c0c63c7360b20636fbf082f5dcc
- SHA1
  
  1d1844668a175b1d85f31732331827ff77cb79c4
- SHA256
  
  69ee26ba2019f4cc30752f00a815a726795c8e898edffe739daa6e84e6c41ac2
- SHA512
  
  438ec4859ff4b7d2ce06f6025719f8cd1de1c01a2a7404e73c0f8dce66d1e545e0c2846cabc7cfc5ae2eb1f2ec7e1cc1a08688899f58fecc159067769428f90a
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy