dridex | 48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642 | Triage

Submit
Reports

Overview

overview

Static

static

48dc546fd7...42.dll

windows7_x64

48dc546fd7...42.dll

windows10-2004_x64

8

Sharing

General

Target

48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642
Size

1.2MB
Sample

220419-ex3bssbgcr
MD5

7646f5ed5e19b61c8a94005ad15098d5
SHA1

6da94de9b802091686dc640c951205c50ce53182
SHA256

48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642
SHA512

05c0cc99d82ffeca0366d38c34bc942a184a90d163f165fc0f9801997500305514028af051043fe368a5ea72a6311bd801e96a4a6be785ff51f4f414f7608db6

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642.dll

Resource

win10v2004-20220414-en

evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642
- Size
  
  1.2MB
- MD5
  
  7646f5ed5e19b61c8a94005ad15098d5
- SHA1
  
  6da94de9b802091686dc640c951205c50ce53182
- SHA256
  
  48dc546fd72839ba913d8df996713bf6f4026da395321e85d7a389ee632d4642
- SHA512
  
  05c0cc99d82ffeca0366d38c34bc942a184a90d163f165fc0f9801997500305514028af051043fe368a5ea72a6311bd801e96a4a6be785ff51f4f414f7608db6
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy