dridex | 2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb | Triage

Submit
Reports

Overview

overview

Static

static

2fb06f555d...cb.dll

windows7_x64

8

2fb06f555d...cb.dll

windows10-2004_x64

Sharing

General

Target

2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb
Size

1MB
Sample

220417-t3w5asahfn
MD5

284579c3610621502f530cd9bcdd0e5f
SHA1

354fba659c8c50845b1c591ba452a4416b01263e
SHA256

2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb
SHA512

4667b6eb5a4a16918fdaecd3bbe7d9cd8954321b0b8e52d09ab1b8b407b9a4bb150fa95608b9aff8ad4c98f7bea02beb505b586c0e58d5d2601adf0c9b85ff92

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb.dll

Resource

win7-20220414-en

evasion persistence trojan

Behavioral task

behavioral2

Sample

2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

Malware Config

Targets

- Target
  
  2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb
- Size
  
  1MB
- MD5
  
  284579c3610621502f530cd9bcdd0e5f
- SHA1
  
  354fba659c8c50845b1c591ba452a4416b01263e
- SHA256
  
  2fb06f555d81adffa0f0f2b6e63a0dad50a6fda767668654fda0f971fd9d9ccb
- SHA512
  
  4667b6eb5a4a16918fdaecd3bbe7d9cd8954321b0b8e52d09ab1b8b407b9a4bb150fa95608b9aff8ad4c98f7bea02beb505b586c0e58d5d2601adf0c9b85ff92
Score

10^/10

evasion persistence trojan dridex botnet payload
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2023

Terms | Privacy