Overview

overview

10

Static

static

3

7a16a27031...17.dll

windows7-x64

10

7a16a27031...17.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    7a16a27031cf4f37631143b4d4c85317

  • Size

    184KB

  • Sample

    240127-nb1eraahg6

  • MD5

    7a16a27031cf4f37631143b4d4c85317

  • SHA1

    794347ac9b803ff91d55176bc570f757d2281fd8

  • SHA256

    38b1fd3cee60733d77a6ccdf9a7b9cb5173735bce148d72544b9e671003b3f1c

  • SHA512

    cb3660b8bdfc3dc6f46984bc6337c7a5cdf0f879d0e207a752fd11ef74e6145f9e716f5d62922fc3393745438faf3d3e5ca5618da044d0210bcf78cd47d61d21

  • SSDEEP

    3072:Zhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JSVQcY:Z3fOeIv54W6SFKfc9me9v9/JSV

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664
rc4.plain
rc4.plain

Targets

    • Target

      7a16a27031cf4f37631143b4d4c85317

    • Size

      184KB

    • MD5

      7a16a27031cf4f37631143b4d4c85317

    • SHA1

      794347ac9b803ff91d55176bc570f757d2281fd8

    • SHA256

      38b1fd3cee60733d77a6ccdf9a7b9cb5173735bce148d72544b9e671003b3f1c

    • SHA512

      cb3660b8bdfc3dc6f46984bc6337c7a5cdf0f879d0e207a752fd11ef74e6145f9e716f5d62922fc3393745438faf3d3e5ca5618da044d0210bcf78cd47d61d21

    • SSDEEP

      3072:Zhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JSVQcY:Z3fOeIv54W6SFKfc9me9v9/JSV

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks