dridex | 370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a | Triage

Submit
Reports

Overview

overview

Static

static

370f1c893a...1a.dll

windows7_x64

370f1c893a...1a.dll

windows10-2004_x64

Sharing

General

Target

370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a
Size

1.2MB
Sample

220419-ex6n8afcf2
MD5

a4e06cc670b5bd72bacd34ba263e9819
SHA1

b028d9787d1c0f6cd10afa64f491caed94e172c9
SHA256

370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a
SHA512

6f8774b2969cc4b4b7a6288f300c88467c776eadf00ee1cb25ac5d47d7db9ae34439d701e4d2fb153aaf4162243cace9fa7ddb9da76231ba0122fa6695c71603

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a
- Size
  
  1.2MB
- MD5
  
  a4e06cc670b5bd72bacd34ba263e9819
- SHA1
  
  b028d9787d1c0f6cd10afa64f491caed94e172c9
- SHA256
  
  370f1c893acaf12c7238a3977f0eda3cfaa660ccea43b1b61461d551501e371a
- SHA512
  
  6f8774b2969cc4b4b7a6288f300c88467c776eadf00ee1cb25ac5d47d7db9ae34439d701e4d2fb153aaf4162243cace9fa7ddb9da76231ba0122fa6695c71603
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy