General

  • Target: w50lew.zip
  • Size: 848KB
  • Sample: 220626-gznbrsbfd5
  • MD5: c172dffca245d2a779b6231ee0746134
  • SHA1: c1534cfccfc431b817cd16600cee32d3b52e980d
  • SHA256: 1a38b43a61cad2fba9077942ee0abd2fa55cba21cf52a90603bbfed39147a22a
  • SHA512: cc128c989beef8d8de3de7537296c46e42ecc17fd22c2811734ae382ebc024ac0fdb369df72f1bc6e784aba8b18808743c6a35cac9295863831670e4add13ee2

Score
10/10

Malware Config

Extracted

  • Family: dridex
  • Botnet: 10444
  • C2:
      194.225.58.214:443
      211.110.44.63:5353
      69.164.207.140:3388
      198.57.200.100:3786
  • rc4.plain
  • rc4.plain

Targets

    • Target: w50lew.zip

    Score
    10/10

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

MITRE ATT&CK Matrix

Tasks