dridex | 7de9999c132bb4b44834a2c3610456cae8ad38c561c26d03e73ff7effd203138 | Triage

Sharing

General

Target

7de9999c132bb4b44834a2c3610456cae8ad38c561c26d03e73ff7effd203138
Size

157KB
Sample

210421-bf2lzyq99x
MD5

b4df5a152627fd240feac17b34eb79d4
SHA1

2702d64c10164b9b6e388be8c7f8d1123f74ea22
SHA256

7de9999c132bb4b44834a2c3610456cae8ad38c561c26d03e73ff7effd203138
SHA512

75eadb49656f8ecf98f473b1c05d5e1e137e4058d44208b2783562250c79d7de29b8d0288a2592c6710ca2f52ac1b3e5e5690b158153a7dd8069619a4431e42a

Score

10^/10

dridex 40112 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172

rc4.plain

rc4.plain

Targets

- Target
  
  7de9999c132bb4b44834a2c3610456cae8ad38c561c26d03e73ff7effd203138
- Size
  
  157KB
- MD5
  
  b4df5a152627fd240feac17b34eb79d4
- SHA1
  
  2702d64c10164b9b6e388be8c7f8d1123f74ea22
- SHA256
  
  7de9999c132bb4b44834a2c3610456cae8ad38c561c26d03e73ff7effd203138
- SHA512
  
  75eadb49656f8ecf98f473b1c05d5e1e137e4058d44208b2783562250c79d7de29b8d0288a2592c6710ca2f52ac1b3e5e5690b158153a7dd8069619a4431e42a
Score

10^/10

dridex 40112 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40112botnetevasionloadertrojan

behavioral2

dridex40112botnetevasionloadertrojan