dridex | 87a0b86116ff5b7ba9259f8f25a15792090e72119a78225f7e129e7ebd79d90a | Triage

Submit
Reports

Overview

overview

Static

static

sample.exe

windows7_x64

sample.exe

windows10_x64

Sharing

General

Target

b0699861417da2e3626eb78d62d305b7ca5e03f06e5e6bfd0eea99d64306495e.bin.gz
Size

212KB
Sample

200901-rgcd9ac9t6
MD5

ee54dfc3236b0a548b4ce52d705e0c1d
SHA1

12d1951a37b95e30e032d634a3b1f3f426676e11
SHA256

87a0b86116ff5b7ba9259f8f25a15792090e72119a78225f7e129e7ebd79d90a
SHA512

11c775ff318ad6e4069f6c79795f3df1921042b7a6c3551b9bb184233c4a9a045d245f9f6dac4de586617101f953f31982d3e21381d57e099c0d9c679f1e2e8d

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

sample.exe

Resource

win7

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sample.exe

Resource

win10v200722

dridex 40400 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

59.148.253.194:443

207.180.230.218:3389

2.58.16.87:8443

rc4.plain

rc4.plain

Targets

- Target
  
  sample
- Size
  
  212KB
- MD5
  
  b0759035f71ef81dd808b51904ce0482
- SHA1
  
  fac695bf732a8bca62322629647827fe2466b1ea
- SHA256
  
  b0699861417da2e3626eb78d62d305b7ca5e03f06e5e6bfd0eea99d64306495e
- SHA512
  
  55bd3cfc9cc61e392ee6886a45abcc9350378bd400fd77a4a9537b345240045ea7e615fa9240f2658af6e714a86d790d008e689d0e11695c56e057967b19cbc1
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy