Overview

overview

10

Static

static

84d3573747...fd.exe

windows7_x64

10

84d3573747...fd.exe

windows10_x64

10

Analysis

  • max time kernel
    177s
  • max time network
    206s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    21-01-2022 23:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    84d3573747fbdf7ca822fd5a48726484c8b617e74a920dc2a68dd039b8f576fd.exe

  • Size

    196KB

  • MD5

    482bd720d61f1ab110083d5109261895

  • SHA1

    226e1002de495179b1be5db8ab4b3cca05441b4a

  • SHA256

    84d3573747fbdf7ca822fd5a48726484c8b617e74a920dc2a68dd039b8f576fd

  • SHA512

    cc57bc50226c79eebf723a4a523393edd4adbd1aab6ad6ebc47835439c7ea199eee9c365940f3e54f1c6e98a18cac94dac547ba39273fea3d869f79be330009c

Score
10/10
dridex12333botnet

Malware Config

Extracted

Family

dridex

Botnet

12333

C2

82.196.3.235:443

51.178.161.32:4643

96.8.113.4:34443
rc4.plain
rc4.plain

Signatures

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

Processes

  • C:\Users\Admin\AppData\Local\Temp\84d3573747fbdf7ca822fd5a48726484c8b617e74a920dc2a68dd039b8f576fd.exe
    "C:\Users\Admin\AppData\Local\Temp\84d3573747fbdf7ca822fd5a48726484c8b617e74a920dc2a68dd039b8f576fd.exe"
    1⤵
      PID:3244

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3244-118-0x0000000002210000-0x0000000002216000-memory.dmp
      Filesize

      24KB

      Download
    • memory/3244-119-0x0000000010000000-0x0000000010031000-memory.dmp
      Filesize

      196KB

      Download