dridex | f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92 | Triage

Submit
Reports

Overview

overview

Static

static

f6d275aec1...92.dll

windows7_x64

8

f6d275aec1...92.dll

windows10-2004_x64

Sharing

General

Target

f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92
Size

1.2MB
Sample

220419-ew441abfdn
MD5

7fe2e94e92e811267a97386b7db2c8c6
SHA1

195e82349b1267c21acadb5064c41116c882c354
SHA256

f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92
SHA512

2e473afafa91ad44dde63342a255747530e26be5ffa4d467110fdddd053671ad0207394dbdb5bed83751e041daaed7b88c939808f71d6d0c80190b36bc8db8cc

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92.dll

Resource

win7-20220414-en

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92
- Size
  
  1.2MB
- MD5
  
  7fe2e94e92e811267a97386b7db2c8c6
- SHA1
  
  195e82349b1267c21acadb5064c41116c882c354
- SHA256
  
  f6d275aec16dbd848d1726e5588c6497c20e4d1788562133c0de98d4f7601b92
- SHA512
  
  2e473afafa91ad44dde63342a255747530e26be5ffa4d467110fdddd053671ad0207394dbdb5bed83751e041daaed7b88c939808f71d6d0c80190b36bc8db8cc
Score

10^/10

evasion persistence trojan dridex botnet payload
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy