Overview

overview

10

Static

static

b7875b3c9f...a8.dll

windows7_x64

10

b7875b3c9f...a8.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7875b3c9f2ea4d250a68b23869776a8

  • Size

    173KB

  • Sample

    210727-gxs5wpbbz6

  • MD5

    b7875b3c9f2ea4d250a68b23869776a8

  • SHA1

    bb89bdc18c8258fbd2b6f9befd60365ee39f4536

  • SHA256

    581305130377c5a6cc8fe10f6e698758da36cfd857981dbb1da867f202429653

  • SHA512

    ec9ccab2b8bc04d2e2951bdbf3fd29676b8d457f6c6cb454b422aed753e17fde3c4cfe0efb22f0f29b8df60938b2bd0b4dbe372a28dc3e573fa8f8372c86b877

Score
10/10
dridex22202botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

45.79.33.48:443

139.162.202.74:5007

68.183.216.174:7443
rc4.plain
rc4.plain

Targets

    • Target

      b7875b3c9f2ea4d250a68b23869776a8

    • Size

      173KB

    • MD5

      b7875b3c9f2ea4d250a68b23869776a8

    • SHA1

      bb89bdc18c8258fbd2b6f9befd60365ee39f4536

    • SHA256

      581305130377c5a6cc8fe10f6e698758da36cfd857981dbb1da867f202429653

    • SHA512

      ec9ccab2b8bc04d2e2951bdbf3fd29676b8d457f6c6cb454b422aed753e17fde3c4cfe0efb22f0f29b8df60938b2bd0b4dbe372a28dc3e573fa8f8372c86b877

    Score
    10/10
    dridex22202botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks