dridex | 935f7635d8f31a1a4a9c7081f9eada5ebd9ea3acc769e803c6ec936d20411d1d | Triage

Sharing

General

Target

935f7635d8f31a1a4a9c7081f9eada5ebd9ea3acc769e803c6ec936d20411d1d
Size

158KB
Sample

210623-61qbb9tc2n
MD5

6f8506c636f724806c596fe1f426b223
SHA1

7e4dd424f827616d1d3debc21599da452fef4288
SHA256

935f7635d8f31a1a4a9c7081f9eada5ebd9ea3acc769e803c6ec936d20411d1d
SHA512

f4e1375c3dd823abeb889645ec930bb118a992d23d903b2f6d72d1b72c44616b46e07b55cc1515159eceab2157b50574346d6a56c63a9cc39c28f312027b3fee

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

rc4.plain

Targets

- Target
  
  935f7635d8f31a1a4a9c7081f9eada5ebd9ea3acc769e803c6ec936d20411d1d
- Size
  
  158KB
- MD5
  
  6f8506c636f724806c596fe1f426b223
- SHA1
  
  7e4dd424f827616d1d3debc21599da452fef4288
- SHA256
  
  935f7635d8f31a1a4a9c7081f9eada5ebd9ea3acc769e803c6ec936d20411d1d
- SHA512
  
  f4e1375c3dd823abeb889645ec930bb118a992d23d903b2f6d72d1b72c44616b46e07b55cc1515159eceab2157b50574346d6a56c63a9cc39c28f312027b3fee
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan