dridex | 2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1 | Triage

Submit
Reports

Overview

overview

Static

static

2dabd9d734...e1.dll

windows7_x64

2dabd9d734...e1.dll

windows10-2004_x64

Sharing

General

Target

2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1
Size

1.4MB
Sample

220417-t3x2laahfp
MD5

93ba44fe28e716dd7d99748f6b093c32
SHA1

3691be58d3a71488e29ea4a0d4bbbcbd301e42ee
SHA256

2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1
SHA512

a702dac638b7d0aa2798a76befab9fac510868bd1d709fb917690e6a234da192e1ba7a08f82c351701c586a8dcaa3624f87cf18d52ee49bfba5a4816d136873a

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1
- Size
  
  1.4MB
- MD5
  
  93ba44fe28e716dd7d99748f6b093c32
- SHA1
  
  3691be58d3a71488e29ea4a0d4bbbcbd301e42ee
- SHA256
  
  2dabd9d734c7d34448d9788baffa67d710d3fd3187425d8f48e6c84837bdfce1
- SHA512
  
  a702dac638b7d0aa2798a76befab9fac510868bd1d709fb917690e6a234da192e1ba7a08f82c351701c586a8dcaa3624f87cf18d52ee49bfba5a4816d136873a
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy