dridex | c5d21d0bab87488027c50dfe072831c77ff7c12f1c8bc0e5e6e3669a90c96ac3 | Triage

Submit
Reports

Overview

overview

Static

static

IDCRnINaaE...tq.dll

windows7_x64

IDCRnINaaE...tq.dll

windows10-2004_x64

Sharing

General

Target

IDCRnINaaEmumCkkklgbtq.bin
Size

512KB
Sample

220626-gcbz8ahaep
MD5

915aafdf0d410067666248efe8df8fcf
SHA1

744b92941284e1164b608235b19c8f07f9dc6819
SHA256

c5d21d0bab87488027c50dfe072831c77ff7c12f1c8bc0e5e6e3669a90c96ac3
SHA512

93748ff5ff761150b4b32285515a6f7dea0bfe917c9a85e55849474b8b2392eff0e66d3c02395b3c4e4d77ed61aab00e9c0ff2b6bf09ceb99413f123becfed2c

Score

10^/10

dridex 22203 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

IDCRnINaaEmumCkkklgbtq.dll

Resource

win7-20220414-en

dridex 22203 botnet loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

IDCRnINaaEmumCkkklgbtq.dll

Resource

win10v2004-20220414-en

dridex 22203 botnet loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain

rc4.plain

Targets

- Target
  
  IDCRnINaaEmumCkkklgbtq.bin
- Size
  
  512KB
- MD5
  
  915aafdf0d410067666248efe8df8fcf
- SHA1
  
  744b92941284e1164b608235b19c8f07f9dc6819
- SHA256
  
  c5d21d0bab87488027c50dfe072831c77ff7c12f1c8bc0e5e6e3669a90c96ac3
- SHA512
  
  93748ff5ff761150b4b32285515a6f7dea0bfe917c9a85e55849474b8b2392eff0e66d3c02395b3c4e4d77ed61aab00e9c0ff2b6bf09ceb99413f123becfed2c
Score

10^/10

dridex 22203 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22203botnetloader

behavioral2

dridex22203botnetloader

© 2018-2024

Terms | Privacy