dridex | 80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e | Triage

Submit
Reports

Overview

overview

Static

static

80f32b32d9...9e.exe

windows7_x64

80f32b32d9...9e.exe

windows10-2004_x64

Sharing

General

Target

80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e
Size

450KB
Sample

220502-ah1gfabhbp
MD5

ae6cf592a7918eeb32582e3320750a13
SHA1

63885d7b3f4112823f9a4c64dc20022d29473e5c
SHA256

80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e
SHA512

dd352a1c608ba5beb65b95b8a05394a34310450d44e187c8de4d1b5bc0d7144f38c95ff4cc59118915cad261922ff296cf26870c3555e5631e9b28bc7d0c6a6e

Score

10^/10

dridex 10111 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e.exe

Resource

win7-20220414-en

dridex 10111 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e.exe

Resource

win10v2004-20220414-en

dridex 10111 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e
- Size
  
  450KB
- MD5
  
  ae6cf592a7918eeb32582e3320750a13
- SHA1
  
  63885d7b3f4112823f9a4c64dc20022d29473e5c
- SHA256
  
  80f32b32d9b3b455935c2e21d12afd9471ad59b674aabe040443b39c6994829e
- SHA512
  
  dd352a1c608ba5beb65b95b8a05394a34310450d44e187c8de4d1b5bc0d7144f38c95ff4cc59118915cad261922ff296cf26870c3555e5631e9b28bc7d0c6a6e
Score

10^/10

dridex 10111 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10111botnetloader

behavioral2

dridex10111botnetloader

© 2018-2024

Terms | Privacy