dridex | 545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949 | Triage

Submit
Reports

Overview

overview

Static

static

545ad887af...49.dll

windows7_x64

8

545ad887af...49.dll

windows10-2004_x64

Sharing

General

Target

545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949
Size

1.2MB
Sample

220419-exyzdabgbm
MD5

9695e76c854bada80b3d1b54d7ff492c
SHA1

9001b73c1570ec65cc1bc89216adc846bb06e083
SHA256

545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949
SHA512

0874b871365cd2d74b92cb71d0d57799c04e76d5ccbea57d48de8fc7c550ae087b34848e21253bc9295c0c78d26db81c42bdb71af7ffdfeabf7e72a81268a2d1

Score

10^/10

dridex botnet evasion payload persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949.dll

Resource

win7-20220414-en

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949.dll

Resource

win10v2004-20220414-en

dridex botnet evasion payload persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949
- Size
  
  1.2MB
- MD5
  
  9695e76c854bada80b3d1b54d7ff492c
- SHA1
  
  9001b73c1570ec65cc1bc89216adc846bb06e083
- SHA256
  
  545ad887af8d8588ce8b919f320a8b9ae0acfc926a3a9385df2751ab3cdec949
- SHA512
  
  0874b871365cd2d74b92cb71d0d57799c04e76d5ccbea57d48de8fc7c550ae087b34848e21253bc9295c0c78d26db81c42bdb71af7ffdfeabf7e72a81268a2d1
Score

10^/10

evasion persistence trojan dridex botnet payload
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Shellcode
  Detects Dridex Payload shellcode injected in Explorer process.
  botnet payload
- Modifies Installed Components in the registry
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

dridexbotnetevasionpayloadpersistencetrojan

© 2018-2024

Terms | Privacy