Overview

overview

10

Static

static

533dd75c72...34.dll

windows7_x64

10

533dd75c72...34.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    533dd75c72e307755761a1d5a4bfcf511b122c7d8d2a3adf7e3b81b725557c34

  • Size

    162KB

  • Sample

    210421-h67hxsft3j

  • MD5

    f975d4ed242fa53ec1ad72072ef9f4ef

  • SHA1

    87ec910dae7ff30ca78c243680bf930a0e00500c

  • SHA256

    533dd75c72e307755761a1d5a4bfcf511b122c7d8d2a3adf7e3b81b725557c34

  • SHA512

    6ef4528b4b195f5dd42867d3b2b62578c8a3d1a1d226df5ad1709d96b8beeaf7910a4a545dd9f8fb5d3c1bc1e87e8a1191910dcc45a27ebdbff18c41b92bbc90

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172
rc4.plain
rc4.plain

Targets

    • Target

      533dd75c72e307755761a1d5a4bfcf511b122c7d8d2a3adf7e3b81b725557c34

    • Size

      162KB

    • MD5

      f975d4ed242fa53ec1ad72072ef9f4ef

    • SHA1

      87ec910dae7ff30ca78c243680bf930a0e00500c

    • SHA256

      533dd75c72e307755761a1d5a4bfcf511b122c7d8d2a3adf7e3b81b725557c34

    • SHA512

      6ef4528b4b195f5dd42867d3b2b62578c8a3d1a1d226df5ad1709d96b8beeaf7910a4a545dd9f8fb5d3c1bc1e87e8a1191910dcc45a27ebdbff18c41b92bbc90

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks