dridex | 6297bef1641cb6470c4c790f75088a766a10ad581c73a955a9bd06b60e368a92 | Triage

Sharing

General

Target

6297bef1641cb6470c4c790f75088a766a10ad581c73a955a9bd06b60e368a92
Size

154KB
Sample

210421-lr9p3rsq4s
MD5

826f49984d09f9bacaa176dc8038934e
SHA1

1d4880beb9d4200c9e36604591bc4c286ddaf080
SHA256

6297bef1641cb6470c4c790f75088a766a10ad581c73a955a9bd06b60e368a92
SHA512

11bdd8c3445f785cdc011e4b6a6057723625cdddebe19fe82a11617efd89fe2d455b4b9bc535ef816f38675ef7a2afaab6c077685a8f3b3e4ffa5d5671fecdfd

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172

rc4.plain

rc4.plain

Targets

- Target
  
  6297bef1641cb6470c4c790f75088a766a10ad581c73a955a9bd06b60e368a92
- Size
  
  154KB
- MD5
  
  826f49984d09f9bacaa176dc8038934e
- SHA1
  
  1d4880beb9d4200c9e36604591bc4c286ddaf080
- SHA256
  
  6297bef1641cb6470c4c790f75088a766a10ad581c73a955a9bd06b60e368a92
- SHA512
  
  11bdd8c3445f785cdc011e4b6a6057723625cdddebe19fe82a11617efd89fe2d455b4b9bc535ef816f38675ef7a2afaab6c077685a8f3b3e4ffa5d5671fecdfd
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan

behavioral2

dridex40111botnetevasionloadertrojan