Overview

overview

10

Static

static

SecuriteIn...14.dll

windows7_x64

10

SecuriteIn...14.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.Dridex.735.17436.18814

  • Size

    848KB

  • Sample

    210121-tltthfqs42

  • MD5

    054163a5c03b3729bef9f9dd63ff7945

  • SHA1

    6eccd0c7a2e7519f083ad9ee14dcbf97f02e7748

  • SHA256

    af47bed31dccde8b7f61405facf49ac172e7a58af7449e53373166b58cc6052f

  • SHA512

    d764c583f1c159fa305c72c8c0c40c6a15ca74818d7cb3cd0e4d51eae5922544be5780dd29ad19cfde91bf248aa8b36feda842cf4f4ee450cb4e029d33ad3665

Score
10/10
dridex10444botnetloader

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

194.225.58.214:443

211.110.44.63:5353

69.164.207.140:3388

198.57.200.100:3786
rc4.plain
rc4.plain

Targets

    • Target

      SecuriteInfo.com.Trojan.Dridex.735.17436.18814

    • Size

      848KB

    • MD5

      054163a5c03b3729bef9f9dd63ff7945

    • SHA1

      6eccd0c7a2e7519f083ad9ee14dcbf97f02e7748

    • SHA256

      af47bed31dccde8b7f61405facf49ac172e7a58af7449e53373166b58cc6052f

    • SHA512

      d764c583f1c159fa305c72c8c0c40c6a15ca74818d7cb3cd0e4d51eae5922544be5780dd29ad19cfde91bf248aa8b36feda842cf4f4ee450cb4e029d33ad3665

    Score
    10/10
    dridex10444botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks