dridex | 67d2bd853a7d49cb55186ce583660be7e230ce820a79fbb1a1fa04088ed3243e | Triage

Submit
Reports

Overview

overview

Static

static

Kiki

windows7_x64

Sharing

General

Target

nwehe.bin.zip
Size

410KB
Sample

200911-36pvalpy9s
MD5

918839c44622d3148f67308b0a7c14dd
SHA1

f00aabb6fd0360c681294cdabeff5297101d3352
SHA256

67d2bd853a7d49cb55186ce583660be7e230ce820a79fbb1a1fa04088ed3243e
SHA512

23920b623414801dc271bf8cd7b783f633b916828319f1ac6edb30d4868eaca5a3f1da26f034a9715413190d81e77ae9c454c7b2452c619bf1395d966fd514f1

Score

10^/10

dridex 10121 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

nwehe.bin.exe

Resource

win7v200722

dridex 10121 botnet loader

windows7_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10121

C2

120.138.97.98:443

27.254.174.70:4443

144.217.7.207:4443

rc4.plain

rc4.plain

Targets

- Target
  
  nwehe.bin
- Size
  
  1.0MB
- MD5
  
  d3b06344d8d6eb9b86f36a4a8bdbf98b
- SHA1
  
  2d04c721b6a766d91182ec8f59ef106710700f72
- SHA256
  
  8d9fc7639d4aacd7230da111bc58d45b9f9a8cf054023ae0d799828b2e0a4b6b
- SHA512
  
  dbfa07fbb0f07d3f9f91c20bd5b3101b0fbac6fcadb21e9d5da0d9b35e1bbf3793f456e227196580c953578bf51d7d187526a30a92160e145d493b18582a5b57
Score

10^/10

dridex 10121 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10121botnetloader

© 2018-2024

Terms | Privacy