Overview

overview

10

Static

static

20aa97b838...ed.exe

windows7_x64

10

20aa97b838...ed.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20aa97b838f08205d972dac7e6a3bd522232f6c75d709a6b8beb512b92fd20ed

  • Size

    511KB

  • Sample

    201115-w8abgk8zze

  • MD5

    7c8eb17dcda03499edebd8b5e6ba0010

  • SHA1

    f7a6eb759b2c512dc83264d506b2ce2c572297f2

  • SHA256

    20aa97b838f08205d972dac7e6a3bd522232f6c75d709a6b8beb512b92fd20ed

  • SHA512

    56225e158e507a464f9ef13c9a4ad428728160f42a49f0dac65421ca4da8017ba819dc2ed1526d5794854ff25caacbd959412c41ba0345736f156c18d9fbb64c

Score
10/10
dridex10111botnetloader

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

2.58.16.89:8443

37.139.2.140:3889
rc4.plain
rc4.plain

Targets

    • Target

      20aa97b838f08205d972dac7e6a3bd522232f6c75d709a6b8beb512b92fd20ed

    • Size

      511KB

    • MD5

      7c8eb17dcda03499edebd8b5e6ba0010

    • SHA1

      f7a6eb759b2c512dc83264d506b2ce2c572297f2

    • SHA256

      20aa97b838f08205d972dac7e6a3bd522232f6c75d709a6b8beb512b92fd20ed

    • SHA512

      56225e158e507a464f9ef13c9a4ad428728160f42a49f0dac65421ca4da8017ba819dc2ed1526d5794854ff25caacbd959412c41ba0345736f156c18d9fbb64c

    Score
    10/10
    dridex10111botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks