dridex | 3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d | Triage

Submit
Reports

Overview

overview

Static

static

9

3c400726f0...1d.exe

windows7_x64

3c400726f0...1d.exe

windows10_x64

Sharing

General

Target

3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d
Size

371KB
Sample

210518-37shvxa9hx
MD5

9a4538d3d6531fc700f23273f9c12c44
SHA1

f44927f8372340eb6352b538ae546752569ee736
SHA256

3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d
SHA512

a465a811f704653bfc9c68cd0929ab6328fb2816ee7f9deeaf54bf5961d35b85c13a7e9f1424afb127135a902d411550c22306003b3e8da1534eb8a89846cd2c

Score

10^/10

dridex botnet cryptone loader packer

Static task

static1

cryptone packer

Behavioral task

behavioral1

Sample

3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe

Resource

win7v20210408

dridex botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d.exe

Resource

win10v20210408

dridex botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

C2

164.132.75.109:443

89.22.113.245:691

81.2.235.155:8443

212.53.140.12:3389

Targets

- Target
  
  3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d
- Size
  
  371KB
- MD5
  
  9a4538d3d6531fc700f23273f9c12c44
- SHA1
  
  f44927f8372340eb6352b538ae546752569ee736
- SHA256
  
  3c400726f0417e40e9eff27f87733dca8edee26f49b58fa26e78e7355bf9ff1d
- SHA512
  
  a465a811f704653bfc9c68cd0929ab6328fb2816ee7f9deeaf54bf5961d35b85c13a7e9f1424afb127135a902d411550c22306003b3e8da1534eb8a89846cd2c
Score

10^/10

dridex botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridexbotnetloader

behavioral2

dridexbotnetloader

© 2018-2024

Terms | Privacy