Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1fcaa19b6fe3b42f68938cc460fffae2456e471fe88ab39206bc19684579a2e3

  • Size

    154KB

  • Sample

    210421-tq5h9wad52

  • MD5

    7a998446cfc0191eac9ee7f72b653cc5

  • SHA1

    f485dde4f1b15b85be8ba24aaced4b87eac52e47

  • SHA256

    1fcaa19b6fe3b42f68938cc460fffae2456e471fe88ab39206bc19684579a2e3

  • SHA512

    d8c15206146e1637672aad1071bd8c8d0e4dea2a39b322aaad78482a99eab8318d9d93fceceafa8d9e1db59ca763f3fb6b491a071d1c55f4686c98c0978c3000

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172
rc4.plain
rc4.plain

Targets

    • Target

      1fcaa19b6fe3b42f68938cc460fffae2456e471fe88ab39206bc19684579a2e3

    • Size

      154KB

    • MD5

      7a998446cfc0191eac9ee7f72b653cc5

    • SHA1

      f485dde4f1b15b85be8ba24aaced4b87eac52e47

    • SHA256

      1fcaa19b6fe3b42f68938cc460fffae2456e471fe88ab39206bc19684579a2e3

    • SHA512

      d8c15206146e1637672aad1071bd8c8d0e4dea2a39b322aaad78482a99eab8318d9d93fceceafa8d9e1db59ca763f3fb6b491a071d1c55f4686c98c0978c3000

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks