dridex | 7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a | Triage

Submit
Reports

Overview

overview

Static

static

7267885574...7a.dll

windows7_x64

7267885574...7a.dll

windows10-2004_x64

Sharing

General

Target

7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a
Size

1MB
Sample

220419-ewlbwsfbe4
MD5

513fc64fd591db4f601b9ce9f2da15e0
SHA1

c26e626dcf7c5328675ea73a672ff1b5d27d44a8
SHA256

7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a
SHA512

a120c47877119d939776c1532592a5b788b8af2185ad15a00fb466c07b916a7f46ac815cd1f2cf19f1974690d29bb812b4c664aa1a47199bc4f10788b2a6e8b1

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

Behavioral task

behavioral2

Sample

7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

Malware Config

Targets

- Target
  
  7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a
- Size
  
  1MB
- MD5
  
  513fc64fd591db4f601b9ce9f2da15e0
- SHA1
  
  c26e626dcf7c5328675ea73a672ff1b5d27d44a8
- SHA256
  
  7267885574387dc8769908893f2c1ba297a0e4da0798105e1301247df2d8b97a
- SHA512
  
  a120c47877119d939776c1532592a5b788b8af2185ad15a00fb466c07b916a7f46ac815cd1f2cf19f1974690d29bb812b4c664aa1a47199bc4f10788b2a6e8b1
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Payload
  Detects Dridex x64 core DLL in memory.
  botnet payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2023

Terms | Privacy