Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d52b564f6c53d8513ff734b356b5cef8745dc21c4ba1d6747ccbf0dea35f972

  • Size

    162KB

  • Sample

    210421-1p4z93a3kj

  • MD5

    f20104594e9c8e0cc959015c1decf716

  • SHA1

    6a76579f8d7882ada5c669c084e7a6a9bfdc0802

  • SHA256

    3d52b564f6c53d8513ff734b356b5cef8745dc21c4ba1d6747ccbf0dea35f972

  • SHA512

    03ff0a238ad8e92dbdd024c8381ebffa12e05fa41c2b4a7ef5bf6ad7e432e01c6740b14c1777bc0b6534dc301dc516639b01a4134297df27bc579576f957dac1

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172
rc4.plain
rc4.plain

Targets

    • Target

      3d52b564f6c53d8513ff734b356b5cef8745dc21c4ba1d6747ccbf0dea35f972

    • Size

      162KB

    • MD5

      f20104594e9c8e0cc959015c1decf716

    • SHA1

      6a76579f8d7882ada5c669c084e7a6a9bfdc0802

    • SHA256

      3d52b564f6c53d8513ff734b356b5cef8745dc21c4ba1d6747ccbf0dea35f972

    • SHA512

      03ff0a238ad8e92dbdd024c8381ebffa12e05fa41c2b4a7ef5bf6ad7e432e01c6740b14c1777bc0b6534dc301dc516639b01a4134297df27bc579576f957dac1

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks