dridex | efcaafc8bf6f97c800e7a821444a082aa37ef9494a46e03e93f010b4685709ba | Triage

Sharing

General

Target

efcaafc8bf6f97c800e7a821444a082aa37ef9494a46e03e93f010b4685709ba
Size

158KB
Sample

210626-z8a2nxccgn
MD5

ab5a4775ed249abe6a1de474a833e69e
SHA1

94aebeaae61f74ac596b62abbe7e01bdc9a6bc47
SHA256

efcaafc8bf6f97c800e7a821444a082aa37ef9494a46e03e93f010b4685709ba
SHA512

08175edb17c735a973daf77ed68c6a5e6e8be9d065d90c50e63758538c077d133b04704e89d85643813e1a5209aede273177ec4f8803ec41d4688e96ca115fab

Score

10^/10

dridex 40111 botnet evasion loader trojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

rc4.plain

Targets

- Target
  
  efcaafc8bf6f97c800e7a821444a082aa37ef9494a46e03e93f010b4685709ba
- Size
  
  158KB
- MD5
  
  ab5a4775ed249abe6a1de474a833e69e
- SHA1
  
  94aebeaae61f74ac596b62abbe7e01bdc9a6bc47
- SHA256
  
  efcaafc8bf6f97c800e7a821444a082aa37ef9494a46e03e93f010b4685709ba
- SHA512
  
  08175edb17c735a973daf77ed68c6a5e6e8be9d065d90c50e63758538c077d133b04704e89d85643813e1a5209aede273177ec4f8803ec41d4688e96ca115fab
Score

10^/10

dridex 40111 botnet evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetevasionloadertrojan