dridex | b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de | Triage

Submit
Reports

Overview

overview

Static

static

b5b71c61a2...de.exe

windows7_x64

b5b71c61a2...de.exe

windows10_x64

Sharing

General

Target

b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de
Size

208KB
Sample

220121-29pykachcn
MD5

d5c5ea1d436275aabfe0627c3db55243
SHA1

24cbe40ffc34984ed6ce2a3304efde961fadaba0
SHA256

b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de
SHA512

d4937b6dc812bb6c52bace95d8a18d1100bdc74d6db5385a3fa0cfc156ae315d49c4e71d4e5fa1355cba15a54c17b1c14e2f70f7aef302abcdc7500cded8e021

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de.exe

Resource

win7-en-20211208

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de.exe

Resource

win10-en-20211208

dridex 40400 botnet loader

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

59.148.253.194:443

207.180.230.218:3389

2.58.16.87:8443

rc4.plain

rc4.plain

Targets

- Target
  
  b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de
- Size
  
  208KB
- MD5
  
  d5c5ea1d436275aabfe0627c3db55243
- SHA1
  
  24cbe40ffc34984ed6ce2a3304efde961fadaba0
- SHA256
  
  b5b71c61a29f80c667772f5d008789816e0c7a53193536fc660a6f72009b23de
- SHA512
  
  d4937b6dc812bb6c52bace95d8a18d1100bdc74d6db5385a3fa0cfc156ae315d49c4e71d4e5fa1355cba15a54c17b1c14e2f70f7aef302abcdc7500cded8e021
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy