Overview

overview

10

Static

static

cspwge.dll

windows7_x64

10

cspwge.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cspwge.rar

  • Size

    425KB

  • Sample

    220626-f4w9ssaeh2

  • MD5

    7d99e955a5f92c1f7809bb6a6609af70

  • SHA1

    a9eae703e5b501bd0ab767782ee4cfad467b736e

  • SHA256

    e63419700590e021c61e68cfaccfbe5be4f31aba7fdf703d323c8b14365658e5

  • SHA512

    e935fad23dc862daf1c55677d255b142f112ac1a6102614c672dd1e75f9c64a54e7266a8a1d45cc5de9b31e85db2281200d5cdb551d0dd544e8d08dddf2641b6

Score
10/10
dridex10555botnet

Malware Config

Extracted

Family

dridex

Botnet

10555

C2

77.220.64.132:443

212.227.53.240:5037

192.241.174.45:8172
rc4.plain
rc4.plain

Targets

    • Target

      cspwge.rar

    • Size

      425KB

    • MD5

      7d99e955a5f92c1f7809bb6a6609af70

    • SHA1

      a9eae703e5b501bd0ab767782ee4cfad467b736e

    • SHA256

      e63419700590e021c61e68cfaccfbe5be4f31aba7fdf703d323c8b14365658e5

    • SHA512

      e935fad23dc862daf1c55677d255b142f112ac1a6102614c672dd1e75f9c64a54e7266a8a1d45cc5de9b31e85db2281200d5cdb551d0dd544e8d08dddf2641b6

    Score
    10/10
    dridex10555botnet

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks