dridex | d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac | Triage

Submit
Reports

Overview

overview

Static

static

d88b0762c9...ac.dll

windows7_x64

d88b0762c9...ac.dll

windows10_x64

Sharing

General

Target

d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac
Size

1.6MB
Sample

210915-jgeysaabb3
MD5

145627385585a47d56ab66e05914334e
SHA1

5a57a5fc9ca77dc4a174f29d29b89642ae6d4f57
SHA256

d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac
SHA512

70a4a7533487ac88bfb4ea313e6f437a2b704326cc2740736a5e9bce4b754a1daa07b32f1b10cdc7ed8e638bb3262cf9f91a9faa6dbd6ef81e1b553a4727e3c6

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac.dll

Resource

win7-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac.dll

Resource

win10v20210408

dridex botnet evasion payload persistence trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac
- Size
  
  1.6MB
- MD5
  
  145627385585a47d56ab66e05914334e
- SHA1
  
  5a57a5fc9ca77dc4a174f29d29b89642ae6d4f57
- SHA256
  
  d88b0762c91122715c0cf186a0aa52c07fea100546b77eb489cbf273cc649aac
- SHA512
  
  70a4a7533487ac88bfb4ea313e6f437a2b704326cc2740736a5e9bce4b754a1daa07b32f1b10cdc7ed8e638bb3262cf9f91a9faa6dbd6ef81e1b553a4727e3c6
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy