Overview

overview

10

Static

static

907ff045a0...e1.dll

windows7_x64

10

907ff045a0...e1.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    907ff045a01396b4ad0772fdb4ce4924a4ef216475b6b5b6b381e1f1e22035e1

  • Size

    154KB

  • Sample

    210421-6dse62d2ka

  • MD5

    ba999a1020d47a65fc98d2ade57d1042

  • SHA1

    32bb05f26465e9b4143abf7b454e4e61808f0c8e

  • SHA256

    907ff045a01396b4ad0772fdb4ce4924a4ef216475b6b5b6b381e1f1e22035e1

  • SHA512

    46b356ec7ba929c08fc53a277806ac2e64e3f38483c21a02e77108613683cba57d63d1a8988ecb5f66f507b29d2a66566c6cd482bbd4fd8446f64ba813d4a5cb

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172
rc4.plain
rc4.plain

Targets

    • Target

      907ff045a01396b4ad0772fdb4ce4924a4ef216475b6b5b6b381e1f1e22035e1

    • Size

      154KB

    • MD5

      ba999a1020d47a65fc98d2ade57d1042

    • SHA1

      32bb05f26465e9b4143abf7b454e4e61808f0c8e

    • SHA256

      907ff045a01396b4ad0772fdb4ce4924a4ef216475b6b5b6b381e1f1e22035e1

    • SHA512

      46b356ec7ba929c08fc53a277806ac2e64e3f38483c21a02e77108613683cba57d63d1a8988ecb5f66f507b29d2a66566c6cd482bbd4fd8446f64ba813d4a5cb

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks