dridex | 674ea6b589e099d7016e6a0819c93c40635dad688c56bbe88864b17f8c2aba6a | Triage

Submit
Reports

Overview

overview

Static

static

1_FXSMON.dll

windows7_x64

1_FXSMON.dll

windows10_x64

Sharing

General

Target

1_FXSMON.dll
Size

180KB
Sample

211018-wlc17sfbcj
MD5

12e2b3b7496802dc7e43d1f33c7d49f7
SHA1

464558590e747b94ed79104e0f96fe3d8c183638
SHA256

674ea6b589e099d7016e6a0819c93c40635dad688c56bbe88864b17f8c2aba6a
SHA512

9b277da86d8c598e2c69c44c02cc9f7d77d6736e910dfa72313c3a946e47b0c1ad1e6c496bfe2932abccd59bc6134320bd2641d36234922baad04b186d660ce0

Score

10^/10

dridex 22203 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

1_FXSMON.dll

Resource

win7-en-20210920

dridex 22203 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1_FXSMON.dll

Resource

win10-en-20211014

dridex 22203 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

195.154.146.84:443

45.56.121.87:8116

157.245.222.44:5723

rc4.plain

rc4.plain

Targets

- Target
  
  1_FXSMON.dll
- Size
  
  180KB
- MD5
  
  12e2b3b7496802dc7e43d1f33c7d49f7
- SHA1
  
  464558590e747b94ed79104e0f96fe3d8c183638
- SHA256
  
  674ea6b589e099d7016e6a0819c93c40635dad688c56bbe88864b17f8c2aba6a
- SHA512
  
  9b277da86d8c598e2c69c44c02cc9f7d77d6736e910dfa72313c3a946e47b0c1ad1e6c496bfe2932abccd59bc6134320bd2641d36234922baad04b186d660ce0
Score

10^/10

dridex 22203 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22203botnetloader

behavioral2

dridex22203botnetloader

© 2018-2024

Terms | Privacy