dridex | 5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92 | Triage

Submit
Reports

Overview

overview

Static

static

5f784ed9f4...92.dll

windows7_x64

8

5f784ed9f4...92.dll

windows10-2004_x64

Sharing

General

Target

5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92
Size

1.4MB
Sample

220419-exwt1sfce3
MD5

c735763b0646ba739a001a3dea51881d
SHA1

42fc1ad0a8a26f4948ad54294fbef505a7652ef1
SHA256

5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92
SHA512

5b719ae4445301ec3a33b4d70181f758ac966e5f543241566d417ead1eea0454ff8db6ec47931b254b0ec987c7fba00e32c363e7ba07cb620a621b8e25d174d0

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92.dll

Resource

win7-20220414-en

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92
- Size
  
  1.4MB
- MD5
  
  c735763b0646ba739a001a3dea51881d
- SHA1
  
  42fc1ad0a8a26f4948ad54294fbef505a7652ef1
- SHA256
  
  5f784ed9f418f7a98229b971bc9457de485210db974cd14daf21434d282d7b92
- SHA512
  
  5b719ae4445301ec3a33b4d70181f758ac966e5f543241566d417ead1eea0454ff8db6ec47931b254b0ec987c7fba00e32c363e7ba07cb620a621b8e25d174d0
Score

10^/10

evasion persistence trojan dridex botnet payload
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy