Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    069a3ac294f13cbbf8f7c6a36c731149e71e66e21e62a5971ac54d7d6733d9b8

  • Size

    158KB

  • Sample

    210623-g31hdv2wma

  • MD5

    84396b4fdf2f91c17fcb7501eac498f8

  • SHA1

    625eb0446583d7aed7aaeae0bf728056dfd79ac6

  • SHA256

    069a3ac294f13cbbf8f7c6a36c731149e71e66e21e62a5971ac54d7d6733d9b8

  • SHA512

    a1c7aec27264688edda1cce904a4af7a410e123748bd96cc554fbd9ed8a2933bd676937cc2bdaabc1ae75a387161151c0bd6f8a3701adc095426704987d67901

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172
rc4.plain
rc4.plain

Targets

    • Target

      069a3ac294f13cbbf8f7c6a36c731149e71e66e21e62a5971ac54d7d6733d9b8

    • Size

      158KB

    • MD5

      84396b4fdf2f91c17fcb7501eac498f8

    • SHA1

      625eb0446583d7aed7aaeae0bf728056dfd79ac6

    • SHA256

      069a3ac294f13cbbf8f7c6a36c731149e71e66e21e62a5971ac54d7d6733d9b8

    • SHA512

      a1c7aec27264688edda1cce904a4af7a410e123748bd96cc554fbd9ed8a2933bd676937cc2bdaabc1ae75a387161151c0bd6f8a3701adc095426704987d67901

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks