dridex | 8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5 | Triage

Submit
Reports

Overview

overview

Static

static

8ed84dd8af...c5.dll

windows7_x64

8ed84dd8af...c5.dll

windows10_x64

Sharing

General

Target

8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5
Size

188KB
Sample

210303-kpy1d2p1l6
MD5

b82c44203565b6caf466acac04d83fde
SHA1

ebd75a6d04c05789d7f5d54f0d742b7866c1e030
SHA256

8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5
SHA512

36502bf06073cae10fc2da2ee358b031deb84c9b37a5ec4af6498b80a1e81e372ccd01ceff9518069a1793cb744bcc74c044c57d3585a171cf96c351accb8436

Score

10^/10

dridex 111 botnet discovery evasion loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5.dll

Resource

win7v20201028

dridex 111 botnet discovery evasion loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5.dll

Resource

win10v20201028

dridex 111 botnet discovery evasion loader trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

111

C2

116.251.211.158:443

216.10.242.142:6601

37.247.35.137:6601

rc4.plain

rc4.plain

Targets

- Target
  
  8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5
- Size
  
  188KB
- MD5
  
  b82c44203565b6caf466acac04d83fde
- SHA1
  
  ebd75a6d04c05789d7f5d54f0d742b7866c1e030
- SHA256
  
  8ed84dd8af7b239e60ca76852a684222b7e7c274362bff1913ef8dce0fe35cc5
- SHA512
  
  36502bf06073cae10fc2da2ee358b031deb84c9b37a5ec4af6498b80a1e81e372ccd01ceff9518069a1793cb744bcc74c044c57d3585a171cf96c351accb8436
Score

10^/10

dridex 111 botnet discovery evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridex111botnetdiscoveryevasionloadertrojan

behavioral2

dridex111botnetdiscoveryevasionloadertrojan

© 2018-2024

Terms | Privacy