dridex | 125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100 | Triage

Submit
Reports

Overview

overview

Static

static

125af92abc...00.dll

windows7_x64

125af92abc...00.dll

windows10-2004_x64

8

Sharing

General

Target

125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100
Size

1MB
Sample

220417-t3zkesdge4
MD5

00714e5b7817307d473b8d3d6de0878b
SHA1

b00d6a8e8640050b692a81787cdb3135f0105707
SHA256

125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100
SHA512

fdc5901d68c800b525e40b4cb1bf4a5788e931156708b38531dd4f2cb5a3190979201b15d1480184f6692915a2622c0a81ebbfb2969576284245fd192fd0b035

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

Behavioral task

behavioral2

Sample

125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100.dll

Resource

win10v2004-20220414-en

evasion persistence trojan

Malware Config

Targets

- Target
  
  125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100
- Size
  
  1MB
- MD5
  
  00714e5b7817307d473b8d3d6de0878b
- SHA1
  
  b00d6a8e8640050b692a81787cdb3135f0105707
- SHA256
  
  125af92abcbe48f83b040f0bf432aac3baf61e19bf2a23f4b0200f5797836100
- SHA512
  
  fdc5901d68c800b525e40b4cb1bf4a5788e931156708b38531dd4f2cb5a3190979201b15d1480184f6692915a2622c0a81ebbfb2969576284245fd192fd0b035
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2023

Terms | Privacy