dridex | 7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab | Triage

Submit
Reports

Overview

overview

Static

static

7818fc1e2f...ab.dll

windows7_x64

7818fc1e2f...ab.dll

windows10_x64

Sharing

General

Target

7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab
Size

1.4MB
Sample

211126-lerwnsbeej
MD5

915d143eb22a1278b9d2d56abe7d6fef
SHA1

32cb17ebd3a9da188a833c7f66f8018a3ad06b00
SHA256

7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab
SHA512

0c468fafedb26675d8c3d0dfaa30262f498b8c56b9d91f71e42b893e8e50aa5d05628cececb29285f773b4189edab83e659f8b3f736d8d3ab2aa8c48d7881d4e

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab.dll

Resource

win7-en-20211014

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab.dll

Resource

win10-en-20211104

dridex botnet evasion payload persistence trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab
- Size
  
  1.4MB
- MD5
  
  915d143eb22a1278b9d2d56abe7d6fef
- SHA1
  
  32cb17ebd3a9da188a833c7f66f8018a3ad06b00
- SHA256
  
  7818fc1e2f9e7df1ba5688ddc87f54b59b3e12c3d2c60393b50f9b56447ac2ab
- SHA512
  
  0c468fafedb26675d8c3d0dfaa30262f498b8c56b9d91f71e42b893e8e50aa5d05628cececb29285f773b4189edab83e659f8b3f736d8d3ab2aa8c48d7881d4e
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy