dridex | 7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816 | Triage

Submit
Reports

Overview

overview

Static

static

7b8b6a9ded...16.dll

windows7_x64

7b8b6a9ded...16.dll

windows10-2004_x64

8

Sharing

General

Target

7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816
Size

1.2MB
Sample

220419-exlztafcc6
MD5

a81d9ca2425c6431264471bf3dd5dc5e
SHA1

963dbf7119b0c55cf0713c3fd45da2e637f6f41d
SHA256

7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816
SHA512

a42921495ffb3ba00ef58cd6464143608b032ca2f7ed0f8c67fac6c656d2e321424caabaebcfa6fae2f48b9811c5bfcdc7ef7969382dc613d86bd7dc806e2b2d

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816.dll

Resource

win10v2004-20220414-en

evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816
- Size
  
  1.2MB
- MD5
  
  a81d9ca2425c6431264471bf3dd5dc5e
- SHA1
  
  963dbf7119b0c55cf0713c3fd45da2e637f6f41d
- SHA256
  
  7b8b6a9ded1330e3ef0dd42e7edf2b167dec4063699ab5e78d95905c6ba6a816
- SHA512
  
  a42921495ffb3ba00ef58cd6464143608b032ca2f7ed0f8c67fac6c656d2e321424caabaebcfa6fae2f48b9811c5bfcdc7ef7969382dc613d86bd7dc806e2b2d
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy