dridex | f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows7_x64

Sharing

General

Target

f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af
Size

830KB
Sample

210207-1495g9m5b6
MD5

8c1c54884b90c015330ef19c0cb0a4fc
SHA1

e222675107a78e19648479a3a994f63fcc58f2a2
SHA256

f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af
SHA512

bf4cbee52dfe8c7dd5ab33a8b8e121d9d9cc92b2ebf720026dc3dd4e48f16bb8a5c0970cf7a4dc18b547c3ed4632ae48b1628f46c85436d0dc947baaf886b4e3

Score

10^/10

dridex 10555 botnet discovery evasion loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af.dll

Resource

win7v20201028

dridex 10555 botnet discovery evasion loader trojan

windows7_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10555

C2

146.164.126.197:443

69.16.193.166:9443

193.90.12.122:3098

157.245.103.132:14043

rc4.plain

rc4.plain

Targets

- Target
  
  f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af
- Size
  
  830KB
- MD5
  
  8c1c54884b90c015330ef19c0cb0a4fc
- SHA1
  
  e222675107a78e19648479a3a994f63fcc58f2a2
- SHA256
  
  f045bc5d0dc4890be3163fa236c403dab3d444e92fd5ddc0356dbf3f25f829af
- SHA512
  
  bf4cbee52dfe8c7dd5ab33a8b8e121d9d9cc92b2ebf720026dc3dd4e48f16bb8a5c0970cf7a4dc18b547c3ed4632ae48b1628f46c85436d0dc947baaf886b4e3
Score

10^/10

dridex 10555 botnet discovery evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridex10555botnetdiscoveryevasionloadertrojan

© 2018-2024

Terms | Privacy