Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    77649bf345b612603377c6b0446411d20581bacc4d4bbcd295984fe89876a50d

  • Size

    160KB

  • Sample

    210623-3ty414wpqe

  • MD5

    e15c4f43999d3f4a51f284e5ef857af0

  • SHA1

    c9a14adfc6067fbff98aeb677c480b786f23a5a7

  • SHA256

    77649bf345b612603377c6b0446411d20581bacc4d4bbcd295984fe89876a50d

  • SHA512

    c88f487a5546915676d73cd41452ec75902a3caf7f1eb9e8fc33a0c91ab8a71cc30e1b9d2d0b1e5d7d3ef92fe34b515fcfa70473036f7e58f42f37704530b85c

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

94.247.168.64:443

159.203.93.122:8172

50.116.27.97:2303
rc4.plain
rc4.plain

Targets

    • Target

      77649bf345b612603377c6b0446411d20581bacc4d4bbcd295984fe89876a50d

    • Size

      160KB

    • MD5

      e15c4f43999d3f4a51f284e5ef857af0

    • SHA1

      c9a14adfc6067fbff98aeb677c480b786f23a5a7

    • SHA256

      77649bf345b612603377c6b0446411d20581bacc4d4bbcd295984fe89876a50d

    • SHA512

      c88f487a5546915676d73cd41452ec75902a3caf7f1eb9e8fc33a0c91ab8a71cc30e1b9d2d0b1e5d7d3ef92fe34b515fcfa70473036f7e58f42f37704530b85c

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks