dridex | f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6 | Triage

Submit
Reports

Overview

overview

Static

static

f5dce0d1a8...d6.exe

windows7_x64

f5dce0d1a8...d6.exe

windows10-2004_x64

Sharing

General

Target

f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6
Size

738KB
Sample

220512-pgtd3aeab9
MD5

e9a67d468109255b5ec498ae5a3a208f
SHA1

d12b135e79364468250b49e8e3cb20063dd8c2eb
SHA256

f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6
SHA512

99f9b888c8d7d5bd6750d921c36af2c7d225029d80ea476166f0d8ba177683b11fc3a08bcd715caf0433c29bd83b029eb6575f86d4dcd55c1062b70d4c1d9cd5

Score

10^/10

dridex 10111 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6.exe

Resource

win7-20220414-en

dridex 10111 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6.exe

Resource

win10v2004-20220414-en

dridex 10111 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6
- Size
  
  738KB
- MD5
  
  e9a67d468109255b5ec498ae5a3a208f
- SHA1
  
  d12b135e79364468250b49e8e3cb20063dd8c2eb
- SHA256
  
  f5dce0d1a8fb0f0f905a7f20714e5b4e8788041fc61222641c362f1f8fe860d6
- SHA512
  
  99f9b888c8d7d5bd6750d921c36af2c7d225029d80ea476166f0d8ba177683b11fc3a08bcd715caf0433c29bd83b029eb6575f86d4dcd55c1062b70d4c1d9cd5
Score

10^/10

dridex 10111 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10111botnetloader

behavioral2

dridex10111botnetloader

© 2018-2024

Terms | Privacy