General

  • Target

    Dridex_e9a50d650923e482ddc8bf38b029a2355d8dc804b6c19df8d41efa061df7ed99.zip

  • Size

    319KB

  • Sample

    220628-r91d7aabdj

  • MD5

    5663f39e678931366ed83ec151cd366e

  • SHA1

    a0513ba19598488e7c571b14e990f9b8a11ee058

  • SHA256

    66ad86f7469195bfad90f298c2642f978b9b34646bf5e1d63f2542aa638d5231

  • SHA512

    6ae08f02f84d6d2179cc757990d6bbd8aa7eab3788d3133b069d48c847fc29ac6a45f1702a6c63b526155d66e9d8f973133b4ed92f40452a389329e6496e75f0

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

217.20.166.177:443

54.38.143.246:691

92.38.128.47:3389

rc4.plain
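The extracted config above, reduced to something an analyst can act on. This is an added example and not part of the sandbox report: it confirms that the SHA256 embedded in the sample file name matches the hash reported for the .bin, validates each C2 entry as an IP:port literal, flags the endpoints on ports where TLS beaconing does not blend in (691 and 3389 here), and emits one outbound Suricata rule per C2. The family, botnet ID and C2 list are copied from the report; the rule template, the SID range (9000100 and up) and the set of "common TLS ports" are assumptions.

```python
"""Turn the Dridex config reported above into checkable indicators.

Added example for this report: config values are copied from the page,
the rule template, SID range and port list are assumptions.
"""
import ipaddress
import re
from dataclasses import dataclass

# Values as reported on this page (constructed from the report, not re-extracted here).
SAMPLE_NAME = "Dridex_e9a50d650923e482ddc8bf38b029a2355d8dc804b6c19df8d41efa061df7ed99.bin"
REPORTED_SHA256 = "e9a50d650923e482ddc8bf38b029a2355d8dc804b6c19df8d41efa061df7ed99"
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "10111",
    "c2": ["217.20.166.177:443", "54.38.143.246:691", "92.38.128.47:3389"],
}

# Assumption: ports on which TLS beaconing normally blends in with legitimate
# traffic; a C2 on any other port is worth a second look in proxy/firewall logs.
COMMON_TLS_PORTS = {443, 8443}


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def filename_hash_matches(name: str, sha256: str) -> bool:
    """The sample name embeds a SHA256; confirm it equals the reported hash of the .bin."""
    m = re.search(r"([0-9a-fA-F]{64})", name)
    return m is not None and m.group(1).lower() == sha256.lower()


def parse_c2(entry: str) -> C2:
    """Parse 'ip:port', rejecting hostnames, malformed addresses and bad ports."""
    host, sep, port_str = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry: {entry!r}")
    ip = ipaddress.ip_address(host)  # raises ValueError on anything that is not an IP literal
    port = int(port_str)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {entry!r}")
    return C2(str(ip), port)


def unusual_ports(config: dict) -> list:
    """C2 endpoints listening on ports outside COMMON_TLS_PORTS (691 and 3389 for this sample)."""
    return [c for c in map(parse_c2, config["c2"]) if c.port not in COMMON_TLS_PORTS]


def suricata_rules(config: dict, base_sid: int = 9000100) -> list:
    """One outbound-connection alert per C2. The SID range is an assumption (local rules space)."""
    rules = []
    for i, entry in enumerate(config["c2"]):
        c2 = parse_c2(entry)
        msg = f"{config['family'].capitalize()} botnet {config['botnet']} C2 {c2.ip}:{c2.port}"
        rules.append(
            f"alert tcp $HOME_NET any -> {c2.ip} {c2.port} "
            f'(msg:"{msg}"; flow:to_server,established; classtype:trojan-activity; '
            f"sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    print("file name hash matches reported SHA256:",
          filename_hash_matches(SAMPLE_NAME, REPORTED_SHA256))
    print("C2 on unusual ports:",
          [f"{c.ip}:{c.port}" for c in unusual_ports(EXTRACTED_CONFIG)])
    for rule in suricata_rules(EXTRACTED_CONFIG):
        print(rule)
```

The strict IP:port parsing matters when the same script is pointed at other extracted configs: a C2 entry that is a hostname, an IPv6 literal in brackets, or a truncated line raises instead of silently producing a rule that never fires.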

Targets

    • Target

      Dridex_e9a50d650923e482ddc8bf38b029a2355d8dc804b6c19df8d41efa061df7ed99.bin

    • Size

      512KB

    • MD5

      d04c17a701bacaae197fd51c95acf1b3

    • SHA1

      2062257212e5db564c3f7e37dc676b5dc3f230a6

    • SHA256

      e9a50d650923e482ddc8bf38b029a2355d8dc804b6c19df8d41efa061df7ed99

    • SHA512

      0f2bcaad3efd53a7cda5ca627dac08e343a30a82811879804626cfa929b730eb160c13dcf1b69c323114df17a907558d263dc5d9995054219fc58b0eee7ca387

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader 'dmod' strings

      Detects 'dmod' strings in Dridex loader.

MITRE ATT&CK Matrix

Tasks