General

  • Target

    780869b07d67ebe66e3049f886ba2763b7ad254a7dff6198d3afd7b12995c8d9

  • Size

    858KB

  • Sample

    221229-mbn62scg98

  • MD5

    2d9d9da6877fd4c8ed4e28cc95fdf5d1

  • SHA1

    af60ef73cae1379c62d7780bc8759cc5900b883a

  • SHA256

    780869b07d67ebe66e3049f886ba2763b7ad254a7dff6198d3afd7b12995c8d9

  • SHA512

    6c57fc675f33cd83819b08831448d09353127d47d4ab6d1a24c61f2752782ae011d249dcbd2b07a447f79e8885caf10ba1b9acfaa8201cb9a4403f648ba2cfd0

  • SSDEEP

    12288:BsrLSiEMOq1hD30WEv5UyoqmynBU7TjMd+dkxDsD3mk3xhdJ1rmqrmICNoSDi7ni:BmOxMOIYRQ6nWqpC/+BF5y4

Score
10/10

Malware Config

Extracted

Family

dridex

Botnet

20445

C2

213.136.94.177:443

91.83.93.219:3389

37.205.9.252:8443

213.192.1.171:4646

rc4.plain

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
