dridex | d96081b81c4bd154d5ad570f769235301e5aa396f6d93adbe3dd13036418a423 | Triage

Sharing

General

Target

d96081b81c4bd154d5ad570f769235301e5aa396f6d93adbe3dd13036418a423
Size

154KB
Sample

210421-jhb8kc3f9n
MD5

9461b137bbe1cf11bb1394124f6186f1
SHA1

c11a6edacd214c1448751270f866ee326b9b63aa
SHA256

d96081b81c4bd154d5ad570f769235301e5aa396f6d93adbe3dd13036418a423
SHA512

ba54c23516ff131ed3c72fbf2416be6f5703027183ee4ed498199a2b905825117b297daa7a581c0b2cc67c2a70543c77c4d407960d33d2b342cee1f9e4d6a2ee

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172

rc4.plain

rc4.plain

Targets

- Target
  
  d96081b81c4bd154d5ad570f769235301e5aa396f6d93adbe3dd13036418a423
- Size
  
  154KB
- MD5
  
  9461b137bbe1cf11bb1394124f6186f1
- SHA1
  
  c11a6edacd214c1448751270f866ee326b9b63aa
- SHA256
  
  d96081b81c4bd154d5ad570f769235301e5aa396f6d93adbe3dd13036418a423
- SHA512
  
  ba54c23516ff131ed3c72fbf2416be6f5703027183ee4ed498199a2b905825117b297daa7a581c0b2cc67c2a70543c77c4d407960d33d2b342cee1f9e4d6a2ee
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan

behavioral2

dridex40111botnetevasionloadertrojan