dridex | 412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54 | Triage

Submit
Reports

Overview

overview

Static

static

412b57c9e8...54.exe

windows7_x64

412b57c9e8...54.exe

windows10-2004_x64

Sharing

General

Target

412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54
Size

450KB
Sample

220502-ah38bsfcb9
MD5

4ec71b3e86b5f61b54d6516d90cc0f41
SHA1

fef8c687dc109dfb662ada733bca5b0bb518ab6e
SHA256

412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54
SHA512

d68d32c9fc234dded9b5a172e5e024aeac6c48297704db51ba1623a3f18d01c8aa6776f3309055bf9bb13727c74669ef9a097e9216a32bbc6760dd80f78dfff1

Score

10^/10

dridex 10111 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54.exe

Resource

win7-20220414-en

dridex 10111 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54.exe

Resource

win10v2004-20220414-en

dridex 10111 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54
- Size
  
  450KB
- MD5
  
  4ec71b3e86b5f61b54d6516d90cc0f41
- SHA1
  
  fef8c687dc109dfb662ada733bca5b0bb518ab6e
- SHA256
  
  412b57c9e83bf404bfacf087f3bf8edee7af584ab303f3222eb22ced5d7e5f54
- SHA512
  
  d68d32c9fc234dded9b5a172e5e024aeac6c48297704db51ba1623a3f18d01c8aa6776f3309055bf9bb13727c74669ef9a097e9216a32bbc6760dd80f78dfff1
Score

10^/10

dridex 10111 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10111botnetloader

behavioral2

dridex10111botnetloader

© 2018-2024

Terms | Privacy