dridex | 41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001 | Triage

Submit
Reports

Overview

overview

Static

static

41409384fc...01.exe

windows7_x64

41409384fc...01.exe

windows10-2004_x64

Analysis

max time kernel
60s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
08-07-2022 06:19

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001.exe
Size

204KB
MD5

4e361b5e51f51240dcc1ae69d50580f9
SHA1

870908b1bdf3537682282256afc522b25e059e50
SHA256

41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001
SHA512

65afc72a3ee2fc3a37d1f5638c0b2da12ba1912ac5c7afae147999d0e58494c84c386f6eafa09484e3a0986efc52362cf9811dd4245ff9e05cb2ca197bdfb5c2

Score

10^/10

dridex botnet

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Signatures

Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
botnet dridex

Processes

C:\Users\Admin\AppData\Local\Temp\41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001.exe
"C:\Users\Admin\AppData\Local\Temp\41409384fc3c2397c4a759245a8269a8f84c40391c9ffb94884986a1a1d33001.exe"
1⤵
PID:1376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1376-54-0x0000000003000000-0x0000000003033000-memory.dmp

Filesize
204KB

Download
memory/1376-56-0x00000000001E0000-0x00000000001E6000-memory.dmp

Filesize
24KB

Download

© 2018-2024

Terms | Privacy