General

  • Target

    SecuriteInfo.com.W32.AIDetect.malware1.15650.16838

  • Size

    468KB

  • Sample

    211220-299yqscgdr

  • MD5

    4835eca57236dbc209cb774f68db4809

  • SHA1

    70f2d9381d8b04cfb34cad20254de1704ff6d40a

  • SHA256

    21b2d88c08031360ac8030f7a8a147f203a44d1ace183dd17975eda2a093c4ff

  • SHA512

    e05a9de15c6cde257d4caf02ad05feb7f802f15b05596707c0a5523c8e3e8c1dfbd98ae43befdb58bc162ee90adec3e202e56560ffe8ecb4ac58c8eaa5bfe782

Malware Config

Extracted

Family

dridex

Botnet

22206

C2

120.50.40.185:443

139.59.14.223:8172

121.40.104.209:6602

139.162.113.169:593

rc4.plain

Targets

    • Target

      SecuriteInfo.com.W32.AIDetect.malware1.15650.16838

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks