dridex | ace964d33327ba89346cb91eb8042bd095cf52893c0f9703fc104c272a6bccb0 | Triage

Submit
Reports

Overview

overview

Static

static

0af0635495...a5.exe

windows7_x64

0af0635495...a5.exe

windows10_x64

Sharing

General

Target

0af0635495d37d661a77f1a5140cf9a5
Size

356KB
Sample

201117-73993pkqtn
MD5

b9e8580791cd59a7a0a0c017873567df
SHA1

fbd5dd0af7cbd794041a45a4b36ae495c5ee2190
SHA256

ace964d33327ba89346cb91eb8042bd095cf52893c0f9703fc104c272a6bccb0
SHA512

5005e287e776ce594cec47d74f0613614777e6bddc750c2ba35c71b8ac91d166170607c4a1515b5fe1993878f65521588f157709e84ac53879ed0f1581d339ab

Score

10^/10

dridex 10111 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

0af0635495d37d661a77f1a5140cf9a5.exe

Resource

win7v20201028

dridex 10111 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0af0635495d37d661a77f1a5140cf9a5.exe

Resource

win10v20201028

dridex 10111 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

2.58.16.89:8443

37.139.2.140:3889

217.160.78.166:4664

rc4.plain

rc4.plain

Targets

- Target
  
  0af0635495d37d661a77f1a5140cf9a5
- Size
  
  356KB
- MD5
  
  b9e8580791cd59a7a0a0c017873567df
- SHA1
  
  fbd5dd0af7cbd794041a45a4b36ae495c5ee2190
- SHA256
  
  ace964d33327ba89346cb91eb8042bd095cf52893c0f9703fc104c272a6bccb0
- SHA512
  
  5005e287e776ce594cec47d74f0613614777e6bddc750c2ba35c71b8ac91d166170607c4a1515b5fe1993878f65521588f157709e84ac53879ed0f1581d339ab
Score

10^/10

dridex 10111 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10111botnetloader

behavioral2

dridex10111botnetloader

© 2018-2024

Terms | Privacy