Overview

overview

10

Static

static

10

c551a087d8...in.exe

windows7_x64

10

c551a087d8...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c551a087d86777b5be2561c343dbac728842f3b182fce12ac0d6d4e096af5e5a.bin

  • Size

    148KB

  • Sample

    210130-4jxq943yh2

  • MD5

    c4aef2b59c4655615f1264084a3a1ebd

  • SHA1

    7b099300c8b15ebb4f838d1763bb9fae9a247120

  • SHA256

    c551a087d86777b5be2561c343dbac728842f3b182fce12ac0d6d4e096af5e5a

  • SHA512

    fd932f93b155c2ccae783aa2d32334b9c861cd45dcfe4760413f288c53f510b2ce205695f75ff035fcb317ef3a141cbda17739baf3a2735cb815a9d964bd4f51

Score
10/10
dridex20445botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

20445

C2

213.136.94.177:443

91.83.93.219:3389

37.205.9.252:8443

213.192.1.171:4646
rc4.plain
rc4.plain

Targets

    • Target

      c551a087d86777b5be2561c343dbac728842f3b182fce12ac0d6d4e096af5e5a.bin

    • Size

      148KB

    • MD5

      c4aef2b59c4655615f1264084a3a1ebd

    • SHA1

      7b099300c8b15ebb4f838d1763bb9fae9a247120

    • SHA256

      c551a087d86777b5be2561c343dbac728842f3b182fce12ac0d6d4e096af5e5a

    • SHA512

      fd932f93b155c2ccae783aa2d32334b9c861cd45dcfe4760413f288c53f510b2ce205695f75ff035fcb317ef3a141cbda17739baf3a2735cb815a9d964bd4f51

    Score
    10/10
    dridex20445botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks