Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e244a3383e299500f4b61ab57e413b8e661d55e470bbf3ff41c506507ddffac8

  • Size

    158KB

  • Sample

    210626-ze2p7gnd9s

  • MD5

    0f0fedd46cb4ab451c288bb34b37271c

  • SHA1

    b3f52e6cd19c9f7e550ee95e06243eb5ba035c08

  • SHA256

    e244a3383e299500f4b61ab57e413b8e661d55e470bbf3ff41c506507ddffac8

  • SHA512

    611921f83ef2b960b632da1c98471192609b090667d7c8c957dee687de36d5ff496260efd497ffaa375f8c2ffdd415d9354683b7ca936eba3ab84191968735e2

Score
10/10
dridex40111botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172
rc4.plain
rc4.plain

Targets

    • Target

      e244a3383e299500f4b61ab57e413b8e661d55e470bbf3ff41c506507ddffac8

    • Size

      158KB

    • MD5

      0f0fedd46cb4ab451c288bb34b37271c

    • SHA1

      b3f52e6cd19c9f7e550ee95e06243eb5ba035c08

    • SHA256

      e244a3383e299500f4b61ab57e413b8e661d55e470bbf3ff41c506507ddffac8

    • SHA512

      611921f83ef2b960b632da1c98471192609b090667d7c8c957dee687de36d5ff496260efd497ffaa375f8c2ffdd415d9354683b7ca936eba3ab84191968735e2

    Score
    10/10
    dridex40111botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks