General

  • Target

    29f17d13233f545328e693f4683fb59a

  • Size

    184KB

  • Sample

    231231-f4savaddbp

  • MD5

    29f17d13233f545328e693f4683fb59a

  • SHA1

    a18c4e6bb2e31886be652b74a86ac95c35bce7f7

  • SHA256

    2d8fc4056652b882deea6ea1a27a26c8a28db2dca49b9c647c940fd787b8e556

  • SHA512

    9923c5681784f13fb86999d28434661050adef7a9ca0a625b0fb1a8464eb6802cbc4be6a792edb20aad13aa1a4800b358673b0a33fab6b94026d9117d745c330

  • SSDEEP

    3072:jcYhzpn9z75jWpmrL3gA99hXkKsorn+AOr4R9jvaT:jcIntom33RDvn+Rrmr

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

137.74.112.43:443

216.108.227.55:6225

94.177.176.51:5723

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks