dridex | 8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb | Triage

Submit
Reports

Overview

overview

Static

static

8c18f72407...cb.exe

windows7_x64

8c18f72407...cb.exe

windows10-2004_x64

Sharing

General

Target

8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb
Size

208KB
Sample

220524-2cyjfaabe3
MD5

c1b75ea7ce9e8d0f487094cd45d17df0
SHA1

db98ee87fbd92205876e4f5d2e62f244702fd91c
SHA256

8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb
SHA512

5def7da63751f2d1bc7a7c5006944c7cdb5bfe78e639dfe92c0467da0999ac240ce37158473e56681ef16166226d7d8f90ed916ffd9c70ad7ea11f321c1aa185

Score

10^/10

dridex 40400 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb.exe

Resource

win7-20220414-en

dridex 40400 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb.exe

Resource

win10v2004-20220414-en

dridex 40400 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

59.148.253.194:443

207.180.230.218:3389

2.58.16.87:8443

rc4.plain

rc4.plain

Targets

- Target
  
  8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb
- Size
  
  208KB
- MD5
  
  c1b75ea7ce9e8d0f487094cd45d17df0
- SHA1
  
  db98ee87fbd92205876e4f5d2e62f244702fd91c
- SHA256
  
  8c18f72407febb075c912e175d39d3ca1512c2e7c745d492fbf6ceddcdac9bcb
- SHA512
  
  5def7da63751f2d1bc7a7c5006944c7cdb5bfe78e639dfe92c0467da0999ac240ce37158473e56681ef16166226d7d8f90ed916ffd9c70ad7ea11f321c1aa185
Score

10^/10

dridex 40400 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnetloader

behavioral2

dridex40400botnetloader

© 2018-2024

Terms | Privacy