Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    68c57b149ed9722bee67574bb138afc8ef01665480d9492e699b6bddc7f2e394

  • Size

    162KB

  • Sample

    210620-8sa6qd27r2

  • MD5

    38285a01d1aa3959dd9807e18af54a93

  • SHA1

    d0f0f152b0b092212e2cca6ef87bb4662f35b84d

  • SHA256

    68c57b149ed9722bee67574bb138afc8ef01665480d9492e699b6bddc7f2e394

  • SHA512

    5ab68b2e4f2831dd4cf6096e678ca29453ec3e9626c9c27d8962c2bb35fa78b0a0b06eb00e93f850c0d0d9ec313a55bef5c6ec7bd60ecc5f5520fb8e87b6d0be

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172
rc4.plain
rc4.plain

Targets

    • Target

      68c57b149ed9722bee67574bb138afc8ef01665480d9492e699b6bddc7f2e394

    • Size

      162KB

    • MD5

      38285a01d1aa3959dd9807e18af54a93

    • SHA1

      d0f0f152b0b092212e2cca6ef87bb4662f35b84d

    • SHA256

      68c57b149ed9722bee67574bb138afc8ef01665480d9492e699b6bddc7f2e394

    • SHA512

      5ab68b2e4f2831dd4cf6096e678ca29453ec3e9626c9c27d8962c2bb35fa78b0a0b06eb00e93f850c0d0d9ec313a55bef5c6ec7bd60ecc5f5520fb8e87b6d0be

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks