dridex | 3c1fbf65402c7956fb7afef6ef09d4a493bb3f385883ffffae1b70ec7c439bed | Triage

Submit
Reports

Overview

overview

Static

static

sample.exe

windows7_x64

sample.exe

windows10_x64

Sharing

General

Target

1944612c545ae9b93e3b98fa7fca045a88a248ec651cfd999ba1f971480d3ad3.bin.gz
Size

196KB
Sample

200901-we58mksbdn
MD5

8c54e0645df91589dfbc383b614f5077
SHA1

d2380d8b36b48e34ccd4174b6073ffad6df7b34e
SHA256

3c1fbf65402c7956fb7afef6ef09d4a493bb3f385883ffffae1b70ec7c439bed
SHA512

acde521fb3f75d5e65fde4cd41aecb10d7435fe81edcf2822e28818deb255004f198c1902dc4bd36b1f6cfb54e62c2940fdfa2a15ff33573978e9b2a13d72c6f

Score

10^/10

dridex 20445 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

sample.exe

Resource

win7v200722

dridex 20445 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sample.exe

Resource

win10

dridex 20445 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

20445

C2

213.136.94.177:443

91.83.93.219:3389

37.205.9.252:8443

213.192.1.171:4646

rc4.plain

rc4.plain

Targets

- Target
  
  sample
- Size
  
  196KB
- MD5
  
  4fa6d713e25ea9bef658813f0074166e
- SHA1
  
  83ab343e30eec2ee966ebd20567ccc9b15486646
- SHA256
  
  1944612c545ae9b93e3b98fa7fca045a88a248ec651cfd999ba1f971480d3ad3
- SHA512
  
  fc69b97a499acfb6f6f850b6b756c74da8170c7b43ca6230c01bf313d48ebbaaed2ad597dd36d2a9964f0f5604bfc7c81a1f2a66f19438ef9d5955801ef258d0
Score

10^/10

dridex 20445 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex20445botnetloader

behavioral2

dridex20445botnetloader

© 2018-2024

Terms | Privacy