dridex | cf8e7d9092ffe768399139c549b410195cc361c1ca1108a7ac2b5ede3a335f8a | Triage

Submit
Reports

Overview

overview

Static

static

849d3eb659...0b.dll

windows7-x64

849d3eb659...0b.dll

windows10-2004-x64

Sharing

General

Target

8027466137.zip
Size

161KB
Sample

220922-g9qvmseacp
MD5

54fdbe127f57cca13d5d28390df07248
SHA1

2d55355f596c84f0ae6054fc57fd1295a60d6361
SHA256

cf8e7d9092ffe768399139c549b410195cc361c1ca1108a7ac2b5ede3a335f8a
SHA512

b097c24e9397a8faca32d6732045a569770e4784c9e459a23ab86beecd1926f1d80974485b1ad02bbe338139b99cc301ce1fbc7aa422c04f13f7e4231c917e83
SSDEEP

3072:yi5dqyZFTxUGdAqqNTPzaP746PmsUBRu0Ac7lBdVzbbOCkUGy4JaN/5xCSnR4:ZdVxUGdANQ46uxRun+rd9/P4JaBvC04

Score

10^/10

dridex 22201 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

849d3eb659fc41ba57098e5e48d694f5c4389cdb7157642b47fc1b0c6d75c00b.dll

Resource

win7-20220901-en

dridex 22201 botnet loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

849d3eb659fc41ba57098e5e48d694f5c4389cdb7157642b47fc1b0c6d75c00b.dll

Resource

win10v2004-20220812-en

dridex 22201 botnet loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

195.154.146.84:443

45.56.121.87:8116

157.245.222.44:5723

rc4.plain

rc4.plain

Targets

- Target
  
  849d3eb659fc41ba57098e5e48d694f5c4389cdb7157642b47fc1b0c6d75c00b
- Size
  
  244KB
- MD5
  
  527acdff5f6083b091e9361ecc9bed36
- SHA1
  
  2028f4ccb2e8b95f296a3ea61d6be597303efba3
- SHA256
  
  849d3eb659fc41ba57098e5e48d694f5c4389cdb7157642b47fc1b0c6d75c00b
- SHA512
  
  c691c182fd6fc03ae75d602bf4c6466128e16803cbfd8d55db9f3e41c35b602fd5214db03d0fd8a8e8d7bc58cf82f97f246ff8411c763b7a8cf586b34c9d0049
- SSDEEP
  
  3072:dmMHLYjs2g+ciAlYDyOWIsh0pMf+66C4FxTdCU1byGkGcyXDTERlDkr/:drHL+tg+cGyZzheB6b4fJCwb8d0E
Score

10^/10

dridex 22201 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22201botnetloader

behavioral2

dridex22201botnetloader

© 2018-2024

Terms | Privacy