Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cbcb89cd1ff720b7aee41a4973a7fe8c552a9b30fcb7f504599997ed49f23d2

  • Size

    158KB

  • Sample

    210620-n6v4sfsga6

  • MD5

    e1217f54c25cf21fb9c4d46116c7abb8

  • SHA1

    f0b27611ec4c17505a3ad0541dfd2917bd6aad51

  • SHA256

    3cbcb89cd1ff720b7aee41a4973a7fe8c552a9b30fcb7f504599997ed49f23d2

  • SHA512

    b8a1681c8754eb6e6b0963e2741c13c9af13cabbb880645f7b3d1518911e2ca2ab48e5658534b2ea89cf6064872bfa7d581b6b728f95720d5ea9926b6767fd21

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172
rc4.plain
rc4.plain

Targets

    • Target

      3cbcb89cd1ff720b7aee41a4973a7fe8c552a9b30fcb7f504599997ed49f23d2

    • Size

      158KB

    • MD5

      e1217f54c25cf21fb9c4d46116c7abb8

    • SHA1

      f0b27611ec4c17505a3ad0541dfd2917bd6aad51

    • SHA256

      3cbcb89cd1ff720b7aee41a4973a7fe8c552a9b30fcb7f504599997ed49f23d2

    • SHA512

      b8a1681c8754eb6e6b0963e2741c13c9af13cabbb880645f7b3d1518911e2ca2ab48e5658534b2ea89cf6064872bfa7d581b6b728f95720d5ea9926b6767fd21

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks