dridex | b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9 | Triage

Submit
Reports

Overview

overview

Static

static

b6ab3011a7...c9.dll

windows7_x64

b6ab3011a7...c9.dll

windows10_x64

Sharing

General

Target

b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9
Size

165KB
Sample

210108-yxkh25vtwe
MD5

eb2a6b15ae783a06f63b258e6b1b5dea
SHA1

c6a15516ba0a987a71032522bbbb345d379001ac
SHA256

b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9
SHA512

b54bdada86e7995ef6d1ce9b22ef5488254774a32b057f28a4672c884b4abf7e87a6957c67790f1f0b6f7230f9e94c4663c02f28d478236f611516868773cc1d

Score

10^/10

dridex 10555 botnet loader

Static task

static1

botnet loader dridex

Behavioral task

behavioral1

Sample

b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9.dll

Resource

win7v20201028

dridex 10555 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9.dll

Resource

win10v20201028

dridex 10555 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Version

10555

C2

199.66.90.63:443

85.214.26.7:3389

51.68.224.245:4646

107.175.87.150:3889

rc4.plain

rc4.plain

Extracted

Family

dridex

Botnet

10555

C2

199.66.90.63:443

85.214.26.7:3389

51.68.224.245:4646

107.175.87.150:3889

rc4.plain

rc4.plain

Targets

- Target
  
  b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9
- Size
  
  165KB
- MD5
  
  eb2a6b15ae783a06f63b258e6b1b5dea
- SHA1
  
  c6a15516ba0a987a71032522bbbb345d379001ac
- SHA256
  
  b6ab3011a740ead047ff5bdb242fff77cbc3c5cbee2757c1ab8f830ceaef24c9
- SHA512
  
  b54bdada86e7995ef6d1ce9b22ef5488254774a32b057f28a4672c884b4abf7e87a6957c67790f1f0b6f7230f9e94c4663c02f28d478236f611516868773cc1d
Score

10^/10

dridex 10555 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

botnetloaderdridex

behavioral1

dridex10555botnetloader

behavioral2

dridex10555botnetloader

© 2018-2024

Terms | Privacy