dridex | 3[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

3.exe

windows7_x64

6

3.exe

windows10-2004_x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3.exe

Resource

win7-20220414-en

discovery evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3.exe

Resource

win10v2004-20220414-en

discovery evasion trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

3.bin
Size

236KB
MD5

e36be02e35ef401baeb5b09654519b78
SHA1

22174f824fc0917d6ac0c23f647b8c7238be3b11
SHA256

545af9bd816824fd087dd019a322caa614410e8f97484f52ca89d92781421f46
SHA512

dd7e65416332177f8643e5236ba7fe594b2018db970c925d871a8166e13703bf148594f5572de0cf83588dd2ba50c3317ca3a79b8959cb9a61078750bf4f75cc
SSDEEP

3072:Z0W5BDiuMi8R/rfA6nFUepMO3tQeXF7ApJhCSMQHlUiVf8k75zOQzsFfYCe4o3pk:quk/fqc7AJN7kiwe4o3pk

Score

10^/10

10111 dridex

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

51.68.224.245:4646

188.165.17.91:8443

173.255.246.77:691

rc4.plain

rc4.plain

Signatures

Dridex family
dridex

Files

3.bin
.exe windows x86

1e514447f004e9505dc193777ba8a65d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
Sleep

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy