dridex | 5c702bade3f8adc94fa5433b35274d28712ea44892d4e37ee4a41deccdc7e1fd | Triage

Submit
Reports

Overview

overview

Static

static

3_sbs_mscorsec.dll

windows7_x64

3_sbs_mscorsec.dll

windows10_x64

Sharing

General

Target

3_sbs_mscorsec.dll
Size

244KB
Sample

211018-wevbxafbbk
MD5

6b3416e2c517621b5d670800a30d484f
SHA1

99a6cb09bfbff5bd041b25648f90779f5541c52f
SHA256

5c702bade3f8adc94fa5433b35274d28712ea44892d4e37ee4a41deccdc7e1fd
SHA512

fe5a43641b55bbaea7c194df6d336579fa046f75233d066a507b87faceb7a46271fa7b2e5293bd4cc4daeaa7ff8e699a310567a6deea999c9c82795f942cf929

Score

10^/10

dridex 22201 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

3_sbs_mscorsec.dll

Resource

win7-en-20210920

dridex 22201 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3_sbs_mscorsec.dll

Resource

win10-en-20210920

dridex 22201 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

195.154.146.84:443

45.56.121.87:8116

157.245.222.44:5723

rc4.plain

rc4.plain

Targets

- Target
  
  3_sbs_mscorsec.dll
- Size
  
  244KB
- MD5
  
  6b3416e2c517621b5d670800a30d484f
- SHA1
  
  99a6cb09bfbff5bd041b25648f90779f5541c52f
- SHA256
  
  5c702bade3f8adc94fa5433b35274d28712ea44892d4e37ee4a41deccdc7e1fd
- SHA512
  
  fe5a43641b55bbaea7c194df6d336579fa046f75233d066a507b87faceb7a46271fa7b2e5293bd4cc4daeaa7ff8e699a310567a6deea999c9c82795f942cf929
Score

10^/10

dridex 22201 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22201botnetloader

behavioral2

dridex22201botnetloader

© 2018-2024

Terms | Privacy