Overview

overview

10

Static

static

3e4571b9de...5d.dll

windows7_x64

10

3e4571b9de...5d.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e4571b9def27d631058ddbe108877782b028005d1705a76e342f728fcadb25d

  • Size

    157KB

  • Sample

    210421-s56zr1clsn

  • MD5

    595e2f4fc40add6fc1655e1969a5df57

  • SHA1

    6ac62ce5712c91fd6494c4bdf5b3830eaa7df698

  • SHA256

    3e4571b9def27d631058ddbe108877782b028005d1705a76e342f728fcadb25d

  • SHA512

    3f475b0b3367c67113ba6fdbfc9fdb08ec7a59d1636927f864766b466e92f3d2adf8f84180f2a0d984aca41bfa7031c88adf3c9ee0ab2429e1981d32a81be5f0

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172
rc4.plain
rc4.plain

Targets

    • Target

      3e4571b9def27d631058ddbe108877782b028005d1705a76e342f728fcadb25d

    • Size

      157KB

    • MD5

      595e2f4fc40add6fc1655e1969a5df57

    • SHA1

      6ac62ce5712c91fd6494c4bdf5b3830eaa7df698

    • SHA256

      3e4571b9def27d631058ddbe108877782b028005d1705a76e342f728fcadb25d

    • SHA512

      3f475b0b3367c67113ba6fdbfc9fdb08ec7a59d1636927f864766b466e92f3d2adf8f84180f2a0d984aca41bfa7031c88adf3c9ee0ab2429e1981d32a81be5f0

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks