dridex | 74a551c38c3165128be5e8c58766a1c57d38b7183f6c9977cd1eeadce159a00f | Triage

Submit
Reports

Overview

overview

Static

static

8

265666_BOL.xlsm

windows7_x64

1

265666_BOL.xlsm

windows10_x64

Sharing

General

Target

265666_BOL.xlsm
Size

35KB
Sample

210315-15rwg27zde
MD5

a9571044e94878cf4f9799c033305fb8
SHA1

86429d5ad991da1773fe4f485f7eea142ab5f00a
SHA256

74a551c38c3165128be5e8c58766a1c57d38b7183f6c9977cd1eeadce159a00f
SHA512

dad015bffb5d383139f462f6b55de7e3d7844d8bbf65d9a542e41b7489e404b3d22f89508f022d97a61875ecbeeae0918b91d9023a5a5cecc69ff1fdb246bdac

Score

10^/10

dridex 10444 botnet loader macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

265666_BOL.xlsm

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

265666_BOL.xlsm

Resource

win10v20201028

dridex 10444 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

210.65.244.184:443

147.78.186.4:10051

62.75.168.152:6601

rc4.plain

rc4.plain

Targets

- Target
  
  265666_BOL.xlsm
- Size
  
  35KB
- MD5
  
  a9571044e94878cf4f9799c033305fb8
- SHA1
  
  86429d5ad991da1773fe4f485f7eea142ab5f00a
- SHA256
  
  74a551c38c3165128be5e8c58766a1c57d38b7183f6c9977cd1eeadce159a00f
- SHA512
  
  dad015bffb5d383139f462f6b55de7e3d7844d8bbf65d9a542e41b7489e404b3d22f89508f022d97a61875ecbeeae0918b91d9023a5a5cecc69ff1fdb246bdac
Score

10^/10

dridex 10444 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

dridex10444botnetloader

© 2018-2024

Terms | Privacy