dridex | 6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a | Triage

Submit
Reports

Overview

overview

Static

static

6562aa0b5c...3a.dll

windows7_x64

6562aa0b5c...3a.dll

windows10-2004_x64

Sharing

General

Target

6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a
Size

972KB
Sample

220419-exsglabgak
MD5

c13dbdfb58da48769cfe6bc96bd0403f
SHA1

caea0f4ffb19467c3dbe94b2f677bf851f690c00
SHA256

6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a
SHA512

0d829f832d5797c429defd3d67585e8d83aae588ecb1dfdd3fb864ec43bcf4a990a79492af329bdaff99c4382b11fd501a0dfc64e520d8239f22c0bb53b0c96b

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a.dll

Resource

win7-20220414-en

dridex botnet evasion payload persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a
- Size
  
  972KB
- MD5
  
  c13dbdfb58da48769cfe6bc96bd0403f
- SHA1
  
  caea0f4ffb19467c3dbe94b2f677bf851f690c00
- SHA256
  
  6562aa0b5ce1d60fdd3356b1814d1990da8c53e063b49b873b54184c6cac8e3a
- SHA512
  
  0d829f832d5797c429defd3d67585e8d83aae588ecb1dfdd3fb864ec43bcf4a990a79492af329bdaff99c4382b11fd501a0dfc64e520d8239f22c0bb53b0c96b
Score

10^/10

dridex botnet evasion payload persistence trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dridexbotnetevasionpayloadpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy