Overview

overview

10

Static

static

rc62n0.dll

windows7_x64

10

rc62n0.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rc62n0.rar

  • Size

    500KB

  • Sample

    220626-gnaxasbcf7

  • MD5

    06888708e24aa2bad5f12b668063e0d8

  • SHA1

    ccdd7e12587ce16013fe5cbf5b3ac7ba9c7bd910

  • SHA256

    83c390d82e19beec14d007b7350f4296c23ce9b3d131a3670ebb7424ad917410

  • SHA512

    12a2306584678b9d39211945e162cc6af2ee12d6a82fec9e743f86f3d4b849086f50bd834dbc9cbb770d3ff0ec0aee027e63e67353552690bbb896c3cb57f1e2

Score
10/10
dridex10444botnet

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

162.241.44.26:9443

192.232.229.53:4443

77.220.64.34:443

193.90.12.121:3098
rc4.plain
rc4.plain

Targets

    • Target

      rc62n0.rar

    • Size

      500KB

    • MD5

      06888708e24aa2bad5f12b668063e0d8

    • SHA1

      ccdd7e12587ce16013fe5cbf5b3ac7ba9c7bd910

    • SHA256

      83c390d82e19beec14d007b7350f4296c23ce9b3d131a3670ebb7424ad917410

    • SHA512

      12a2306584678b9d39211945e162cc6af2ee12d6a82fec9e743f86f3d4b849086f50bd834dbc9cbb770d3ff0ec0aee027e63e67353552690bbb896c3cb57f1e2

    Score
    10/10
    dridex10444botnet

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks