Overview

overview

10

Static

static

1

4fccd38f50...15.exe

windows7-x64

10

4fccd38f50...15.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115.zip

  • Size

    157KB

  • Sample

    230310-nl78cafb6v

  • MD5

    d3467649c7057267f74d4fb58a487834

  • SHA1

    d9367aaaf204a8af9137ac0bee122094c71ec98f

  • SHA256

    09e55d415c2e6d2cb6ce4c68d84302b63c0ce09a1db1daa942f8aa652d159e4c

  • SHA512

    1c8992fd0817e337f6ea5a78385e6356b3a86e7e4258094af85dfa7582b5abab39e4e640eef13fae8d95f9017889ec0a2cad036603dcc930a1d81eb5921f6a28

  • SSDEEP

    3072:8UGjaxKHSZLzGFe7Y1o5p+UjSSnRgsFvNNdO/ay8lbjG5:8/jaxKW2FesOp+mRd1N0ay2bjG5

Score
10/10
dridexbotnetloader

Malware Config

Extracted

Family

dridex

C2

198.61.168.254:443

51.255.165.160:3389

209.126.105.6:884

Targets

    • Target

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115.exe

    • Size

      241KB

    • MD5

      e614a69d706913376ab2bb20a703dcf5

    • SHA1

      3a83bb68be29e1f18fc9d328d952fd228abfae2a

    • SHA256

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115

    • SHA512

      dd22042b471b608b7a52d531d3b690d35cbe684333cd88c55709b6b562f81d3c02e866ad95fb4e6d62908005cd9e5ae01e88d3c86346ce0c2c156036b72b77ec

    • SSDEEP

      3072:KWiPOo14wwI606CzpJEPlp+K2b1WvAUQdk5m84D2KQdXtvkDqW0TrHbed2rT2pN8:KWdEj6rapJEPr11AXdQm84Dr0OOPSR4

    Score
    10/10
    dridexbotnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks