dridex | a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d | Triage

Submit
Reports

Overview

overview

Static

static

a9e0ebbfc2...5d.dll

windows7_x64

a9e0ebbfc2...5d.dll

windows10-2004_x64

8

Sharing

General

Target

a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d
Size

973KB
Sample

220419-excq5sfcb2
MD5

cd4e22ed989116765ed8b43c91618a34
SHA1

d43b1b30cb0efb06a7a0118a80ba2d05ed0fa4b2
SHA256

a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d
SHA512

e605fcce4ac7dba61111603b393501b12d4442668a465a758ecc38f9325b67b2998586d04063b6e2ea58d1cfe6461e97841b0b80eaffea842aba4c53215d36c7

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d.dll

Resource

win10v2004-20220414-en

evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d
- Size
  
  973KB
- MD5
  
  cd4e22ed989116765ed8b43c91618a34
- SHA1
  
  d43b1b30cb0efb06a7a0118a80ba2d05ed0fa4b2
- SHA256
  
  a9e0ebbfc2fe45a06a23a56e34c6cf53596793df50c3ea6dcb102c4d6217a25d
- SHA512
  
  e605fcce4ac7dba61111603b393501b12d4442668a465a758ecc38f9325b67b2998586d04063b6e2ea58d1cfe6461e97841b0b80eaffea842aba4c53215d36c7
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy