Analysis

  • max time kernel
    43s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    20-04-2022 09:25

General

  • Target

    735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f.exe

  • Size

    367KB

  • MD5

    515e18112fda643eb61a7213764bcaf3

  • SHA1

    4dca282d568899eb1393134ceb2708b7abda1109

  • SHA256

    735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f

  • SHA512

    c500f17c227b0da6e1e96dcba7ce4936d1384fe40763c7e5718b5583d186a09d149e27013b0e91113074c9dbed67589e19946d61fe505664a145279beb4692e4

Score
10/10

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

194.150.118.7:443

49.212.179.180:3889

69.64.62.4:4443

rc4.plain

Signatures

  • Dridex

    Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online-banking credentials.

Processes

  • C:\Users\Admin\AppData\Local\Temp\735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f.exe
    "C:\Users\Admin\AppData\Local\Temp\735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f.exe"
    PID: 884

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/884-54-0x00000000763B1000-0x00000000763B3000-memory.dmp
      Filesize

      8KB

    • memory/884-55-0x00000000002B0000-0x00000000002EC000-memory.dmp
      Filesize

      240KB

    • memory/884-56-0x0000000000400000-0x000000000045F000-memory.dmp
      Filesize

      380KB
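The extracted config (C2 list, botnet ID) and the memory dump names above are the two pieces of this report an analyst reuses: the C2 endpoints become network detections, and the dump names encode the address ranges that were carved from PID 884. The following script is an added example for this page, not code from the sandbox vendor or from any Dridex analysis. It parses a constructed excerpt of the report text (REPORT, same values as above), checks that each dump's address range agrees with the listed Filesize, confirms the sample name is its own SHA-256, and renders one Suricata rule per C2 endpoint. The region labels ("main image" for a 0x400000 base, "candidate unpacked payload" for a low private region) and the SID range starting at 1000001 are assumptions for illustration, not facts stated in the report.

```python
"""Parse the sandbox report's C2 list and memory-dump names into usable
artifacts and cross-check the figures it reports.

Added example for this page; not code from the sandbox vendor or from the
Dridex analysis. REPORT is a constructed excerpt of the text above.
"""
import re
from dataclasses import dataclass
from typing import List, Tuple

# Constructed excerpt of the report (same values, layout simplified).
REPORT = """\
Target
735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f.exe
SHA256
735313383b47fca51be55ecc467478cf4994b2952e57f0cee5038aafa528828f
Botnet
10111
C2
194.150.118.7:443
49.212.179.180:3889
69.64.62.4:4443
memory/884-54-0x00000000763B1000-0x00000000763B3000-memory.dmp
Filesize
8KB
memory/884-55-0x00000000002B0000-0x00000000002EC000-memory.dmp
Filesize
240KB
memory/884-56-0x0000000000400000-0x000000000045F000-memory.dmp
Filesize
380KB
"""

C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")
DMP_RE = re.compile(r"^memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")
UNIT = {"B": 1, "KB": 1024, "MB": 1024 * 1024}


@dataclass(frozen=True)
class MemoryRegion:
    pid: int
    index: int
    start: int
    end: int
    reported_bytes: int  # the "Filesize" line, converted to bytes

    @property
    def size(self) -> int:
        """Size implied by the address range encoded in the dump name."""
        return self.end - self.start

    @property
    def consistent(self) -> bool:
        """True when the address range agrees with the listed Filesize."""
        return self.size == self.reported_bytes

    @property
    def kind(self) -> str:
        # Heuristic labels (assumption, not stated in the report): 0x400000 is
        # the default image base of a 32-bit PE, and a low private region that
        # is not the image is where an unpacked payload usually turns up.
        if self.start == 0x400000:
            return "main image"
        if self.start < 0x400000:
            return "low private region (candidate unpacked payload)"
        return "other"


def parse_c2(report: str) -> List[Tuple[str, int]]:
    """Return the (ip, port) pairs listed under C2."""
    pairs = []
    for line in report.splitlines():
        m = C2_RE.match(line.strip())
        if m:
            pairs.append((m.group(1), int(m.group(2))))
    return pairs


def parse_regions(report: str) -> List[MemoryRegion]:
    """Pair each memory/<pid>-<n>-<start>-<end> dump name with its Filesize."""
    lines = [l.strip() for l in report.splitlines()]
    regions = []
    for i, line in enumerate(lines):
        m = DMP_RE.match(line)
        if not m:
            continue
        # The size label follows within the next few lines ("Filesize", "8KB").
        size_line = next((l for l in lines[i + 1:i + 4] if SIZE_RE.match(l)), None)
        if size_line is None:
            raise ValueError(f"no Filesize after {line}")
        n, unit = SIZE_RE.match(size_line).groups()
        regions.append(MemoryRegion(
            pid=int(m.group(1)), index=int(m.group(2)),
            start=int(m.group(3), 16), end=int(m.group(4), 16),
            reported_bytes=int(n) * UNIT[unit]))
    return regions


def target_name_matches_sha256(report: str) -> bool:
    """The sample was submitted under its SHA-256 as the file name; confirm it."""
    name = re.search(r"^([0-9a-f]{64})\.exe$", report, re.M)
    sha = re.search(r"^SHA256\n([0-9a-f]{64})$", report, re.M)
    return bool(name and sha and name.group(1) == sha.group(1))


def suricata_rules(report: str, base_sid: int = 1000001) -> List[str]:
    """One alert rule per C2 endpoint; base_sid is an assumed local SID range."""
    botnet = re.search(r"^Botnet\n(\d+)$", report, re.M)
    tag = botnet.group(1) if botnet else "unknown"
    return [
        f'alert tcp $HOME_NET any -> {ip} {port} '
        f'(msg:"Dridex botnet {tag} C2 {ip}:{port}"; sid:{base_sid + i}; rev:1;)'
        for i, (ip, port) in enumerate(parse_c2(report))
    ]


if __name__ == "__main__":
    for r in parse_regions(REPORT):
        print(f"{r.start:#010x}-{r.end:#010x} {r.size:>7d} B "
              f"{'ok' if r.consistent else 'MISMATCH'}  {r.kind}")
    print("\n".join(suricata_rules(REPORT)))
```

All three address ranges agree with the listed sizes (0x2000 = 8 KB, 0x3C000 = 240 KB, 0x5F000 = 380 KB), so the 380 KB dump at 0x400000 is the mapped image of the 367 KB file and the 240 KB region at 0x2B0000 is the one worth carving for an unpacked payload first. The C2 ports (443, 3889, 4443) are a reminder that a port-based allowlist alone will not catch this traffic; match on the destination addresses.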