dridex | d090bd62615236ec449a6a12d0838bd94e04a8c22fd44dc63d9670809ffe1a0e | Triage

Submit
Reports

Overview

overview

Static

static

1

d66304251f...77.dll

windows7-x64

d66304251f...77.dll

windows10-2004-x64

Sharing

General

Target

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.zip
Size

172KB
Sample

230310-m4sd6seg5x
MD5

df81c991c51875a6c605cf7870fb348a
SHA1

4c97bf2e178ccaae296b0588fb1743bac19aeefd
SHA256

d090bd62615236ec449a6a12d0838bd94e04a8c22fd44dc63d9670809ffe1a0e
SHA512

9a3483dda951b1072d8c726eeba7b7dc2c8f6eea95928ab1eca9d5ed9857f06d1883af97422d2879ca3fc475dc71d179764f58bfa9a251a947216d2109dd5aae
SSDEEP

3072:eWl011TLeNNIPyYTveN8w0pnkFI1Kh6tY01zW8Twtc5yJmnLpfZ3l:e7PSNNIDTWb6oh6tY0g8yhJmLpx1

Score

10^/10

dridex 22202 botnet loader

Static task

static1

Behavioral task

behavioral1

Sample

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.dll

Resource

win7-20230220-en

dridex 22202 botnet loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.dll

Resource

win10v2004-20230221-en

dridex 22202 botnet loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

51.83.47.27:443

82.98.180.154:6602

159.65.88.10:4664

91.121.146.47:10443

rc4.plain

rc4.plain

Targets

- Target
  
  d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.dll
- Size
  
  492KB
- MD5
  
  b07b51f2aaec02e2b4200e028a726442
- SHA1
  
  fb3d5e9fc43aea2f11748a7ea214b0f95e61a7bd
- SHA256
  
  d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77
- SHA512
  
  d9295f4550b8a71f2e7cd66e983620e2c4974c27fc60bfa49bda76de31ae74a05a889c8c6f5c2d93a1faeb4c2f0318ff0e778a6291bbc9bbf283e5106f50a51e
- SSDEEP
  
  12288:zlJId4XKBKjWgm1dLnROcuDgxrPwTPwf5w3Nw9PAv:z/uMGtnRzx0sK2iv
Score

10^/10

dridex 22202 botnet loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex22202botnetloader

behavioral2

dridex22202botnetloader

© 2018-2024

Terms | Privacy