dridex | 9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053 | Triage

Submit
Reports

Overview

overview

Static

static

9496ab1084...53.dll

windows7_x64

9496ab1084...53.dll

windows10-2004_x64

Sharing

General

Target

9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053
Size

1MB
Sample

220419-exhmdsbffp
MD5

1ac4db4a4dcdf80d076fadd6f0047bc0
SHA1

8afc736ef712c980d04b45c539f72e4f3dedbdf4
SHA256

9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053
SHA512

6d61d7ef13757472e9417577fd225fb966dc8be12c7a6e028a9bc84f069a0af277fa6734610393a93c3351dda8f354e0fd33ef042ce5ff5503216ab16557998c

Score

10^/10

dridex botnet payload persistence

Static task

static1

Behavioral task

behavioral1

Sample

9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053.dll

Resource

win7-20220414-en

dridex botnet payload persistence

Behavioral task

behavioral2

Sample

9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053.dll

Resource

win10v2004-20220414-en

dridex botnet payload persistence

Malware Config

Targets

- Target
  
  9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053
- Size
  
  1MB
- MD5
  
  1ac4db4a4dcdf80d076fadd6f0047bc0
- SHA1
  
  8afc736ef712c980d04b45c539f72e4f3dedbdf4
- SHA256
  
  9496ab1084d795dec40c7033b9ca84335347b3c45491e2ba3da457bd2088a053
- SHA512
  
  6d61d7ef13757472e9417577fd225fb966dc8be12c7a6e028a9bc84f069a0af277fa6734610393a93c3351dda8f354e0fd33ef042ce5ff5503216ab16557998c
Score

10^/10

dridex botnet payload persistence
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetpayloadpersistence

behavioral2

dridexbotnetpayloadpersistence

© 2018-2023

Terms | Privacy