dridex | 7249ce3d04df4431c89afca3e3ffbc8e54f0cb820b6d04f602e346eb2b97210c | Triage

Submit
Reports

Overview

overview

Static

static

YJdtpgTLkkklgbtq.dll

windows7_x64

YJdtpgTLkkklgbtq.dll

windows10-2004_x64

Sharing

General

Target

YJdtpgTLkkklgbtq.bin
Size

512KB
Sample

220519-cx2ddsaae4
MD5

937fc1669108ba066c02a63b4140557a
SHA1

06f9280d70faf4feb2d5e5a4aa40f9d653af738a
SHA256

7249ce3d04df4431c89afca3e3ffbc8e54f0cb820b6d04f602e346eb2b97210c
SHA512

d1541e6713864d4f9a33d641b83410ec2271dc04e37e8de70afd251b5653d4e72ed91f58102eb09488b08e05ab20b5b5f222e796e6a846610fba5d502b0478be

Score

10^/10

dridex 22203 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

YJdtpgTLkkklgbtq.dll

Resource

win7-20220414-en

dridex 22203 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

YJdtpgTLkkklgbtq.dll

Resource

win10v2004-20220414-en

dridex 22203 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain

rc4.plain

Targets

- Target
  
  YJdtpgTLkkklgbtq.bin
- Size
  
  512KB
- MD5
  
  937fc1669108ba066c02a63b4140557a
- SHA1
  
  06f9280d70faf4feb2d5e5a4aa40f9d653af738a
- SHA256
  
  7249ce3d04df4431c89afca3e3ffbc8e54f0cb820b6d04f602e346eb2b97210c
- SHA512
  
  d1541e6713864d4f9a33d641b83410ec2271dc04e37e8de70afd251b5653d4e72ed91f58102eb09488b08e05ab20b5b5f222e796e6a846610fba5d502b0478be
Score

10^/10

dridex 22203 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22203botnetloader

behavioral2

dridex22203botnetloader

© 2018-2024

Terms | Privacy