dridex | 4a8429e12437ff33866dfbcdc31059e69ffd1e1f15bf3e76d49564050484b3ee | Triage

Submit
Reports

Overview

overview

Static

static

japele.exe

windows7_x64

japele.exe

windows10_x64

Resubmissions

06-08-2020 16:11

200806-nd8e891sax 10

21-07-2020 11:53

200721-397qzb42bx 1

Sharing

General

Target

japele.exe
Size

212KB
Sample

200806-nd8e891sax
MD5

db406b5f94c217e5a3069748ccffd1d4
SHA1

7f0934b06e160576403b50ba2065c13d4dd7c7f5
SHA256

4a8429e12437ff33866dfbcdc31059e69ffd1e1f15bf3e76d49564050484b3ee
SHA512

4bda80b78b0d7e19d1146a8b95b7ddb151b8e78f33d96b41ea23d88e54fb73958e4c4cf78d4288aae934a6a710d3c741395ebbeabefdada57c7f1b3b3bd5df8f

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

japele.exe

Resource

win7

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

japele.exe

Resource

win10v200722

dridex 40400 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

51.38.124.206:443

207.180.230.218:3389

2.58.16.87:8443

45.177.120.36:691

rc4.plain

rc4.plain

Targets

- Target
  
  japele.exe
- Size
  
  212KB
- MD5
  
  db406b5f94c217e5a3069748ccffd1d4
- SHA1
  
  7f0934b06e160576403b50ba2065c13d4dd7c7f5
- SHA256
  
  4a8429e12437ff33866dfbcdc31059e69ffd1e1f15bf3e76d49564050484b3ee
- SHA512
  
  4bda80b78b0d7e19d1146a8b95b7ddb151b8e78f33d96b41ea23d88e54fb73958e4c4cf78d4288aae934a6a710d3c741395ebbeabefdada57c7f1b3b3bd5df8f
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy