General

  • Target

    agha25.tar

  • Size

    538KB

  • Sample

    220731-fqpb2aadgl

  • MD5

    04485fad82d561bffe7e83dd47d81d7f

  • SHA1

    133e7eb3593afb3f05e1c1f72f525c10a237dcb6

  • SHA256

    3f1ada78b282636a9edbac8f7fef7fe53e2ed62b2b732aed16e9ecfcb5cc04c7

  • SHA512

    6d8fadc784c8d975dee3b87b1e8ba301ca2107b5452f772083d3f6845a274d79b5c773409180f89e51bea860e75df9886ae4a07b88480cd3fb6d14ebd57c97a6

Score
10/10

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

77.220.64.146:443

85.25.134.43:8172

213.208.134.178:6516

rc4.plain
rc4.plain

Targets

    • Target

      agha25.tar

    • Size

      538KB

    • MD5

      04485fad82d561bffe7e83dd47d81d7f

    • SHA1

      133e7eb3593afb3f05e1c1f72f525c10a237dcb6

    • SHA256

      3f1ada78b282636a9edbac8f7fef7fe53e2ed62b2b732aed16e9ecfcb5cc04c7

    • SHA512

      6d8fadc784c8d975dee3b87b1e8ba301ca2107b5452f772083d3f6845a274d79b5c773409180f89e51bea860e75df9886ae4a07b88480cd3fb6d14ebd57c97a6

    Score
    10/10
    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

MITRE ATT&CK Matrix

Tasks