dridex | b3f2455dbdfadfdb76026bff37d4180f90b8dcfed7ce84043e2fcef4ae33b5e1 | Triage

Submit
Reports

Overview

overview

Static

static

ilfwuakkklgbtq.dll

windows7_x64

ilfwuakkklgbtq.dll

windows10-2004_x64

Sharing

General

Target

ilfwuakkklgbtq.bin
Size

512KB
Sample

220611-t6kwfaceb3
MD5

27f58c2668429c235febd5c29f758476
SHA1

0fff55d66836ecf56fd32036bb0bfb841dd4d66d
SHA256

b3f2455dbdfadfdb76026bff37d4180f90b8dcfed7ce84043e2fcef4ae33b5e1
SHA512

a0ed29de49dda034b27e73345b5e1dee59e6c965637726afabef72432450f4bd3ebed8bcd3983807d5cc07ce9899cc28e379223f7693620ef0fff17c9e38a94b

Score

10^/10

dridex 22203 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

ilfwuakkklgbtq.dll

Resource

win7-20220414-en

dridex 22203 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ilfwuakkklgbtq.dll

Resource

win10v2004-20220414-en

dridex 22203 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain

rc4.plain

Targets

- Target
  
  ilfwuakkklgbtq.bin
- Size
  
  512KB
- MD5
  
  27f58c2668429c235febd5c29f758476
- SHA1
  
  0fff55d66836ecf56fd32036bb0bfb841dd4d66d
- SHA256
  
  b3f2455dbdfadfdb76026bff37d4180f90b8dcfed7ce84043e2fcef4ae33b5e1
- SHA512
  
  a0ed29de49dda034b27e73345b5e1dee59e6c965637726afabef72432450f4bd3ebed8bcd3983807d5cc07ce9899cc28e379223f7693620ef0fff17c9e38a94b
Score

10^/10

dridex 22203 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22203botnetloader

behavioral2

dridex22203botnetloader

© 2018-2024

Terms | Privacy