General

  • Target

    d680b312773f2ebfd9882d0248369b1a

  • Size

    188KB

  • Sample

    240319-s77wxsgd2y

  • MD5

    d680b312773f2ebfd9882d0248369b1a

  • SHA1

    a5a3420b97f360c0795a952579f9e146b4046496

  • SHA256

    fc09d3f459843ed26f3a81c2e627540824912c6bac5611bc30d80e88ba5dc2a3

  • SHA512

    aa1704159b6931954bed06c2600c4d657e9df19b4ed52aa21d6bf5932e9fb57e439070fc3229def56c8a6d79791486eea8152456f6bf7fb377a974f9cb4ebc44

  • SSDEEP

    3072:aH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViWZ7dU:aUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a family of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.
