dridex | e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc | Triage

Submit
Reports

Overview

overview

Static

static

e4e1367da0...bc.dll

windows7_x64

e4e1367da0...bc.dll

windows10-2004_x64

Sharing

General

Target

e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc
Size

1.4MB
Sample

220417-t3gdvadgc9
MD5

f4bcb941c97f7dac07b0309ec4ff3a12
SHA1

45b175cc4e41c4c8ab4728066667f24d0f854cc5
SHA256

e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc
SHA512

5f815461b69fa93ee3721a9999a839f66a58b3ca2877c3f6feb8315a3dc25a03af5e9cde1525fbe091bdb5993fd3cfb81b23141398f5633ad633fa0618eb7b49

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc
- Size
  
  1.4MB
- MD5
  
  f4bcb941c97f7dac07b0309ec4ff3a12
- SHA1
  
  45b175cc4e41c4c8ab4728066667f24d0f854cc5
- SHA256
  
  e4e1367da00057aa0db3eff4ba03485895246438e8981b4fca7ab2b96f911cbc
- SHA512
  
  5f815461b69fa93ee3721a9999a839f66a58b3ca2877c3f6feb8315a3dc25a03af5e9cde1525fbe091bdb5993fd3cfb81b23141398f5633ad633fa0618eb7b49
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy