Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfe3e39efa6d752d93e69a3b7c581bbf64a5c31fa07158416db35006930cc0c7

  • Size

    154KB

  • Sample

    210421-ws5rbjm2zj

  • MD5

    e2ac10c4caeedfca21b37918d2ada7e0

  • SHA1

    3b5476797c1b1448f9d3606dfe2023229f943671

  • SHA256

    cfe3e39efa6d752d93e69a3b7c581bbf64a5c31fa07158416db35006930cc0c7

  • SHA512

    327652acca300ce44788cc92976597d25a090efdd39f268f83d4c9409b0c9275329488abb2765dc71386d0b644044d709aca7e7739166bd7f54bddb4d9d6040d

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

159.8.59.82:443

51.91.156.39:2303

67.196.50.240:8172
rc4.plain
rc4.plain

Targets

    • Target

      cfe3e39efa6d752d93e69a3b7c581bbf64a5c31fa07158416db35006930cc0c7

    • Size

      154KB

    • MD5

      e2ac10c4caeedfca21b37918d2ada7e0

    • SHA1

      3b5476797c1b1448f9d3606dfe2023229f943671

    • SHA256

      cfe3e39efa6d752d93e69a3b7c581bbf64a5c31fa07158416db35006930cc0c7

    • SHA512

      327652acca300ce44788cc92976597d25a090efdd39f268f83d4c9409b0c9275329488abb2765dc71386d0b644044d709aca7e7739166bd7f54bddb4d9d6040d

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks