dridex | d9126eaf6ec170b66c28feee4bf1de2cf53401841dec245ce7ac50e3525f2a80 | Triage

Sharing

General

Target

d9126eaf6ec170b66c28feee4bf1de2cf53401841dec245ce7ac50e3525f2a80
Size

158KB
Sample

210618-da5mtg2emj
MD5

820f073b09a67f4b616c0383e29753c3
SHA1

508371a39335092e063844128e45f87a40a0b1d7
SHA256

d9126eaf6ec170b66c28feee4bf1de2cf53401841dec245ce7ac50e3525f2a80
SHA512

6d1c9b552c368d34555a51b365392957ec6b9c763d758d068d0836a2c19f10082817e3460272308cc232483d6095bc25495c44515f0493a56b115f7c7164ac64

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

rc4.plain

Targets

- Target
  
  d9126eaf6ec170b66c28feee4bf1de2cf53401841dec245ce7ac50e3525f2a80
- Size
  
  158KB
- MD5
  
  820f073b09a67f4b616c0383e29753c3
- SHA1
  
  508371a39335092e063844128e45f87a40a0b1d7
- SHA256
  
  d9126eaf6ec170b66c28feee4bf1de2cf53401841dec245ce7ac50e3525f2a80
- SHA512
  
  6d1c9b552c368d34555a51b365392957ec6b9c763d758d068d0836a2c19f10082817e3460272308cc232483d6095bc25495c44515f0493a56b115f7c7164ac64
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan