dridex | 4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c
Size

170KB
Sample

210610-6cf73z67mn
MD5

29262ef72798b020df30baca88200166
SHA1

6a653a35997d81af146db6884105bce66ff73ad6
SHA256

4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c
SHA512

ff90bcf4b9882d117b61a38fa94a9b2d20a777fc18fcea3808b836c373d52954465b798fbb57847efd2eadc2adb21dddeb306105fd3464d1342510f8d5af7bd1

Score

10^/10

dridex 22201 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c.dll

Resource

win10v20210408

dridex 22201 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

rc4.plain

Targets

- Target
  
  4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c
- Size
  
  170KB
- MD5
  
  29262ef72798b020df30baca88200166
- SHA1
  
  6a653a35997d81af146db6884105bce66ff73ad6
- SHA256
  
  4b6327fde87295f4d0a1a6b2f24dfeaffa75668e53b598a4dd912d1792f61c1c
- SHA512
  
  ff90bcf4b9882d117b61a38fa94a9b2d20a777fc18fcea3808b836c373d52954465b798fbb57847efd2eadc2adb21dddeb306105fd3464d1342510f8d5af7bd1
Score

10^/10

dridex 22201 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Suspicious use of NtCreateProcessExOtherParentProcess
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22201botnetloader

© 2018-2024

Terms | Privacy