dridex | 93c97bf3711640d5bd8ff0c2033492b2cea7b81ef2ea0e6f6b2327913e9be9d7 | Triage

Submit
Reports

Overview

overview

Static

static

bjsdke.exe

windows7_x64

bjsdke.exe

windows10_x64

Resubmissions

06-08-2020 16:19

200806-dwkdpetzc2 10

15-07-2020 14:08

200715-86lh36b8se 1

Sharing

General

Target

bjsdke.exe
Size

208KB
Sample

200806-dwkdpetzc2
MD5

89ebbc1ee8354b40737dbee5438a27e7
SHA1

1fc9304746dd882fec9c8a9eea13f395b6b4b287
SHA256

93c97bf3711640d5bd8ff0c2033492b2cea7b81ef2ea0e6f6b2327913e9be9d7
SHA512

69a59ef21baaa559648059c7295156ac9c099fd4f8a5f1ef89fc161710dcb2e063f77637a9ef63cde212d093b97f62b8c154b42b1632e442f97498e0456d9146

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

bjsdke.exe

Resource

win7v200722

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bjsdke.exe

Resource

win10

dridex 40400 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

59.148.253.194:443

207.180.230.218:3389

2.58.16.87:8443

rc4.plain

rc4.plain

Targets

- Target
  
  bjsdke.exe
- Size
  
  208KB
- MD5
  
  89ebbc1ee8354b40737dbee5438a27e7
- SHA1
  
  1fc9304746dd882fec9c8a9eea13f395b6b4b287
- SHA256
  
  93c97bf3711640d5bd8ff0c2033492b2cea7b81ef2ea0e6f6b2327913e9be9d7
- SHA512
  
  69a59ef21baaa559648059c7295156ac9c099fd4f8a5f1ef89fc161710dcb2e063f77637a9ef63cde212d093b97f62b8c154b42b1632e442f97498e0456d9146
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy