dridex | 269cb92b769a15bbfb2170e9f6bc6a46816470714ad11281aa1cb39ad85ea319 | Triage

Sharing

General

Target

269cb92b769a15bbfb2170e9f6bc6a46816470714ad11281aa1cb39ad85ea319
Size

161KB
Sample

210421-sllzcgyx4j
MD5

ce012b3336d5f56fa9616dfe82d396a6
SHA1

89adeabb780b182a4ea1c768bd5a917dd9de424e
SHA256

269cb92b769a15bbfb2170e9f6bc6a46816470714ad11281aa1cb39ad85ea319
SHA512

9597dc25266c753fa4e56969c374ddeb51c323691c3b0f691b74a0e92b70280031e5276482406effba119191346d0f81939aae5d5d913403ec9ecfe759180302

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

rc4.plain

Targets

- Target
  
  269cb92b769a15bbfb2170e9f6bc6a46816470714ad11281aa1cb39ad85ea319
- Size
  
  161KB
- MD5
  
  ce012b3336d5f56fa9616dfe82d396a6
- SHA1
  
  89adeabb780b182a4ea1c768bd5a917dd9de424e
- SHA256
  
  269cb92b769a15bbfb2170e9f6bc6a46816470714ad11281aa1cb39ad85ea319
- SHA512
  
  9597dc25266c753fa4e56969c374ddeb51c323691c3b0f691b74a0e92b70280031e5276482406effba119191346d0f81939aae5d5d913403ec9ecfe759180302
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan