Overview

overview

10

Static

static

3

bcd53a03a1...ca.dll

windows7-x64

10

bcd53a03a1...ca.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bcd53a03a12a4ce08e833fdcdd8d8cca

  • Size

    2.0MB

  • Sample

    231222-rlahvsbca4

  • MD5

    bcd53a03a12a4ce08e833fdcdd8d8cca

  • SHA1

    0e84a0c65f7eb5273609ec94a4de8217995726db

  • SHA256

    610801e1516dac10986662e4aa33209c5699069c84322ac8abdcd548a8eb3ea0

  • SHA512

    729335e687444f306acea30cb14569247b3ffda79d935a08163a5d0fc92d2268fa0023249c10789833b4f2202e8c7832617256c9c362585a8bb4afaeee3c6788

  • SSDEEP

    12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Score
10/10
dridexbotnetevasionpayloadpersistencetrojan

Malware Config

Targets

    • Target

      bcd53a03a12a4ce08e833fdcdd8d8cca

    • Size

      2.0MB

    • MD5

      bcd53a03a12a4ce08e833fdcdd8d8cca

    • SHA1

      0e84a0c65f7eb5273609ec94a4de8217995726db

    • SHA256

      610801e1516dac10986662e4aa33209c5699069c84322ac8abdcd548a8eb3ea0

    • SHA512

      729335e687444f306acea30cb14569247b3ffda79d935a08163a5d0fc92d2268fa0023249c10789833b4f2202e8c7832617256c9c362585a8bb4afaeee3c6788

    • SSDEEP

      12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    Score
    10/10
    dridexbotnetevasionpayloadpersistencetrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

      botnetpayload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks