General

  • Target

    4dfbcd7756a89d220cc8134c3c7f8352

  • Size

    175KB

  • Sample

    231226-dclymsceg3

  • MD5

    4dfbcd7756a89d220cc8134c3c7f8352

  • SHA1

    ee8203a68f9e42d1eadc96d81d7e2b9f708724f6

  • SHA256

    f034db216df8d2e4b49cdfeae61e367c021d40458433f2af1068db8a9823d7d9

  • SHA512

    59072f0e333735e9d7304399cc0cf6f10ad69b81d1a090ee56fb5656c3b3068061b59adbb4b1e9cb351cb16e1725ebead18c10e3e461abccd527de7dfa46e260

  • SSDEEP

    3072:WCPOe6ths2hyT0DzJfN3ZKU3YkmN5Sw4Q2kUl59Pn94bAAW0f3:WCPOem/DzJhok45X4HPib

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

46.55.222.10:443

104.248.178.90:4664

173.212.243.155:7002

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks