dridex | 033ad037a4869a80498e06c35a8c9690c6dd79011d19cd9af55541190747f343 | Triage

Sharing

General

Target

033ad037a4869a80498e06c35a8c9690c6dd79011d19cd9af55541190747f343
Size

160KB
Sample

210622-x2zns5ct36
MD5

5d909152e3afa67baa2fdd6b34762167
SHA1

40922b808177319849e8d9a7178490fc317ad68d
SHA256

033ad037a4869a80498e06c35a8c9690c6dd79011d19cd9af55541190747f343
SHA512

8c1911e7b37a24110bdea4fdf3ae096adc241ad13f47aa3d955161d0da78272dc630f16d2b80a1bacddf0ae87e15529945e3252db508411a84769786d1115933

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

94.247.168.64:443

159.203.93.122:8172

50.116.27.97:2303

rc4.plain

rc4.plain

Targets

- Target
  
  033ad037a4869a80498e06c35a8c9690c6dd79011d19cd9af55541190747f343
- Size
  
  160KB
- MD5
  
  5d909152e3afa67baa2fdd6b34762167
- SHA1
  
  40922b808177319849e8d9a7178490fc317ad68d
- SHA256
  
  033ad037a4869a80498e06c35a8c9690c6dd79011d19cd9af55541190747f343
- SHA512
  
  8c1911e7b37a24110bdea4fdf3ae096adc241ad13f47aa3d955161d0da78272dc630f16d2b80a1bacddf0ae87e15529945e3252db508411a84769786d1115933
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan