dridex | 5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e | Triage

Submit
Reports

Overview

overview

Static

static

5884e6b47a...7e.exe

windows7-x64

5884e6b47a...7e.exe

windows10-2004-x64

Analysis

max time kernel
29s
max time network
46s
platform
windows7_x64
resource
win7-20220715-en
resource tags

arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system
submitted
24-07-2022 13:52

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e.exe

Resource

win7-20220715-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e.exe

Resource

win10v2004-20220721-en

windows10-2004-x64

4 signatures

150 seconds

Report Analysis Logs

General

Target

5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e.exe
Size

204KB
MD5

5433d8ae94d18b1717d373dc9c73c4de
SHA1

23c30177ec268b76f7b73282b184e3a7ed2dd830
SHA256

5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e
SHA512

5c8e1fdc1e2eaac7a9452f314c60400affdb40ec444f19db794d96bef08d5133c2f81b71e91bea2bde31d4526fa66c94442d2bfeb8c1e02baa55b8f73268770c

Score

10^/10

dridex botnet

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Signatures

Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
botnet dridex

Processes

C:\Users\Admin\AppData\Local\Temp\5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e.exe
"C:\Users\Admin\AppData\Local\Temp\5884e6b47a289116c08e6cfc2667f3cff395df5c65479c1428de8e8b2b7bd37e.exe"
1⤵
PID:1112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1112-54-0x0000000003000000-0x0000000003033000-memory.dmp

Filesize
204KB

Download
memory/1112-56-0x0000000000250000-0x0000000000256000-memory.dmp

Filesize
24KB

Download

© 2018-2024

Terms | Privacy