dridex | 7cc0d16fe4e01e60f5eed66d1d6e58a9143129e8326cb16f8126664ce821f2d1 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...81.dll

windows7_x64

SecuriteIn...81.dll

windows10_x64

Sharing

General

Target

SecuriteInfo.com.W32.AIDetect.malware1.2161.25481
Size

468KB
Sample

211220-3avkfacggk
MD5

1fb4f42e369bea3b8571a3b562125601
SHA1

16e5a0b04989f7516d5fd0c55a027382808d1254
SHA256

7cc0d16fe4e01e60f5eed66d1d6e58a9143129e8326cb16f8126664ce821f2d1
SHA512

606f58fa3be337181bd5b12f720a4f710c686dded040ac83522070ae07c1c60b7935a162a08b2c1030932706786b05f144bd63dca1a5bda6e3ecb297d183822c

Score

10^/10

dridex 22206 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.W32.AIDetect.malware1.2161.25481.dll

Resource

win7-en-20211208

dridex 22206 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.W32.AIDetect.malware1.2161.25481.dll

Resource

win10-en-20211208

dridex 22206 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22206

C2

120.50.40.185:443

139.59.14.223:8172

121.40.104.209:6602

139.162.113.169:593

rc4.plain

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.W32.AIDetect.malware1.2161.25481
- Size
  
  468KB
- MD5
  
  1fb4f42e369bea3b8571a3b562125601
- SHA1
  
  16e5a0b04989f7516d5fd0c55a027382808d1254
- SHA256
  
  7cc0d16fe4e01e60f5eed66d1d6e58a9143129e8326cb16f8126664ce821f2d1
- SHA512
  
  606f58fa3be337181bd5b12f720a4f710c686dded040ac83522070ae07c1c60b7935a162a08b2c1030932706786b05f144bd63dca1a5bda6e3ecb297d183822c
Score

10^/10

dridex 22206 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22206botnetloader

behavioral2

dridex22206botnetloader

© 2018-2024

Terms | Privacy