Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    438c66fb365afa484518a37f4c1ad95b9d5d4990ae6e84d3a3609dcba035a415

  • Size

    175KB

  • Sample

    210727-2ns3dfs98j

  • MD5

    643490e54bf3f8046fdc3291706c731e

  • SHA1

    f3fe8e21c5e9037030a956ffe694967336392f48

  • SHA256

    438c66fb365afa484518a37f4c1ad95b9d5d4990ae6e84d3a3609dcba035a415

  • SHA512

    f91af2889711a7afbe6edb957e053da67a1b090b420c90573d3928712cccf205da2e71d8b855daa4127a46fd956a450baa03f3cec0ab868e11e3f382557216bd

Score
10/10
dridex22201botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.79.33.48:443

139.162.202.74:5007

68.183.216.174:7443
rc4.plain
rc4.plain

Targets

    • Target

      438c66fb365afa484518a37f4c1ad95b9d5d4990ae6e84d3a3609dcba035a415

    • Size

      175KB

    • MD5

      643490e54bf3f8046fdc3291706c731e

    • SHA1

      f3fe8e21c5e9037030a956ffe694967336392f48

    • SHA256

      438c66fb365afa484518a37f4c1ad95b9d5d4990ae6e84d3a3609dcba035a415

    • SHA512

      f91af2889711a7afbe6edb957e053da67a1b090b420c90573d3928712cccf205da2e71d8b855daa4127a46fd956a450baa03f3cec0ab868e11e3f382557216bd

    Score
    10/10
    dridex22201botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks