dridex | 2d8223ba637f3be700601fcc922bed02dc5ce060a23c2c34138dfcd9362320e8 | Triage

Submit
Reports

Overview

overview

Static

static

5_.dll

windows7_x64

5_.dll

windows10_x64

Sharing

General

Target

5_.dll
Size

180KB
Sample

211020-sctqtahbg3
MD5

08c304d50ad0d6f861a2e81e95cf0b75
SHA1

91c1774abb3f92e89b00635202f2e3b5afa2f4e1
SHA256

2d8223ba637f3be700601fcc922bed02dc5ce060a23c2c34138dfcd9362320e8
SHA512

fa72fbf54705fa38a4849392e1943f367f6876a3a848f90f26dbf30925cc75d3ab04d832d9dc1948720f368d378696a9fe7560996ceeda545ed3d3b09f6cad56

Score

10^/10

dridex 22203 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

5_.dll

Resource

win7-en-20210920

dridex 22203 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5_.dll

Resource

win10-en-20211014

dridex 22203 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

155.138.203.91:443

207.180.220.242:8116

46.101.142.214:6891

rc4.plain

rc4.plain

Targets

- Target
  
  5_.dll
- Size
  
  180KB
- MD5
  
  08c304d50ad0d6f861a2e81e95cf0b75
- SHA1
  
  91c1774abb3f92e89b00635202f2e3b5afa2f4e1
- SHA256
  
  2d8223ba637f3be700601fcc922bed02dc5ce060a23c2c34138dfcd9362320e8
- SHA512
  
  fa72fbf54705fa38a4849392e1943f367f6876a3a848f90f26dbf30925cc75d3ab04d832d9dc1948720f368d378696a9fe7560996ceeda545ed3d3b09f6cad56
Score

10^/10

dridex 22203 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22203botnetloader

behavioral2

dridex22203botnetloader

© 2018-2024

Terms | Privacy