Overview

overview

10

Static

static

SecuriteIn...04.dll

windows7_x64

10

SecuriteIn...04.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.W32.AIDetect.malware1.25325.29304

  • Size

    468KB

  • Sample

    211220-3at9nscgfl

  • MD5

    2afe138da2e9a343764ff68bb3c452d9

  • SHA1

    60d14085697fa9efb4bf6e8d72717f2684866b2e

  • SHA256

    dd5173abdb268c5833e6d1945dc61f87fd9aa807e3b610f547b47fc802f9f2b1

  • SHA512

    a27af87e34bce750f0ef0a65812926d7bbc05bab31e68057240861157237b917052ad213426fd365058beb8fbacbf1e95ff0f3d4720c802b5ade905d99951a14

Score
10/10
dridex22206botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22206

C2

120.50.40.185:443

139.59.14.223:8172

121.40.104.209:6602

139.162.113.169:593
rc4.plain
rc4.plain

Targets

    • Target

      SecuriteInfo.com.W32.AIDetect.malware1.25325.29304

    • Size

      468KB

    • MD5

      2afe138da2e9a343764ff68bb3c452d9

    • SHA1

      60d14085697fa9efb4bf6e8d72717f2684866b2e

    • SHA256

      dd5173abdb268c5833e6d1945dc61f87fd9aa807e3b610f547b47fc802f9f2b1

    • SHA512

      a27af87e34bce750f0ef0a65812926d7bbc05bab31e68057240861157237b917052ad213426fd365058beb8fbacbf1e95ff0f3d4720c802b5ade905d99951a14

    Score
    10/10
    dridex22206botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks