Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

  • Size

    158KB

  • Sample

    210621-xgjq6sx7ca

  • MD5

    45ea2cfabfdbb0b4a810f52051e89775

  • SHA1

    f3884a86860c086fb440634ddc549bead573b375

  • SHA256

    93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

  • SHA512

    30533cf2d887204e4a6ca727a9312fac6457214d398e7ece396af9de63e14c7c503042d8efcb6c0440189edbff677de84372538a336b6d1254bd814ee5380487

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172
rc4.plain
rc4.plain

Targets

    • Target

      93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

    • Size

      158KB

    • MD5

      45ea2cfabfdbb0b4a810f52051e89775

    • SHA1

      f3884a86860c086fb440634ddc549bead573b375

    • SHA256

      93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

    • SHA512

      30533cf2d887204e4a6ca727a9312fac6457214d398e7ece396af9de63e14c7c503042d8efcb6c0440189edbff677de84372538a336b6d1254bd814ee5380487

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks