dridex | 12627600a70bff6a42e8319f71a2221338ff54332afbf6ae28f130f2cfde630b | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...38.dll

windows7_x64

SecuriteIn...38.dll

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Drixed-FJX8BBAC1F6E645.3462.6238
Size

180KB
Sample

211021-3c5hesahe6
MD5

8bbac1f6e64537bd91f903994912dc96
SHA1

9099279d268d3b3ded00bcc5294b8df79b7a6abe
SHA256

12627600a70bff6a42e8319f71a2221338ff54332afbf6ae28f130f2cfde630b
SHA512

4684a015de4a1bc2852000624adbd3243db72d3d544636c1713a475a71bc407707a8a6509fa956b5dc5bd071ca7e09ee33f4cde48baf62ff5d0ecb2725fb4b8f

Score

10^/10

dridex 22201 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Drixed-FJX8BBAC1F6E645.3462.6238.dll

Resource

win7-en-20211014

dridex 22201 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Drixed-FJX8BBAC1F6E645.3462.6238.dll

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.Drixed-FJX8BBAC1F6E645.3462.6238
- Size
  
  180KB
- MD5
  
  8bbac1f6e64537bd91f903994912dc96
- SHA1
  
  9099279d268d3b3ded00bcc5294b8df79b7a6abe
- SHA256
  
  12627600a70bff6a42e8319f71a2221338ff54332afbf6ae28f130f2cfde630b
- SHA512
  
  4684a015de4a1bc2852000624adbd3243db72d3d544636c1713a475a71bc407707a8a6509fa956b5dc5bd071ca7e09ee33f4cde48baf62ff5d0ecb2725fb4b8f
Score

10^/10

dridex 22201 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22201botnetloader

behavioral2

© 2018-2024

Terms | Privacy