Overview

overview

10

Static

static

3

d778b18d19...a6.exe

windows7-x64

10

d778b18d19...a6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d778b18d1948420801dd7a42f8e3a9a6

  • Size

    1.1MB

  • Sample

    240320-axcnxscf2w

  • MD5

    d778b18d1948420801dd7a42f8e3a9a6

  • SHA1

    bcae05e41aae54f602a490130b31f7d0e204c6c4

  • SHA256

    9ed1d719cc8aa9561a8c208982a704c67a710d1863e0f5bd04f2e1a86a00bc24

  • SHA512

    59a5f96f49628914c97642e599bf7fda631784fa88d50b5ec4212399a226239fa1df4e396e6911576821be1b9a2604ae0fa070c4dca60dd8286a36cf28c0867e

  • SSDEEP

    6144:KK6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRyfc:KM+ZdkmHubeaCo6Lga1QHZbOy

Score
10/10
dridex10111botnetdiscoveryevasiontrojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

177.52.173.20:9043

192.100.170.1:10172

166.62.103.55:7443
rc4.plain
rc4.plain

Targets

    • Target

      d778b18d1948420801dd7a42f8e3a9a6

    • Size

      1.1MB

    • MD5

      d778b18d1948420801dd7a42f8e3a9a6

    • SHA1

      bcae05e41aae54f602a490130b31f7d0e204c6c4

    • SHA256

      9ed1d719cc8aa9561a8c208982a704c67a710d1863e0f5bd04f2e1a86a00bc24

    • SHA512

      59a5f96f49628914c97642e599bf7fda631784fa88d50b5ec4212399a226239fa1df4e396e6911576821be1b9a2604ae0fa070c4dca60dd8286a36cf28c0867e

    • SSDEEP

      6144:KK6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRyfc:KM+ZdkmHubeaCo6Lga1QHZbOy

    Score
    10/10
    dridex10111botnetdiscoveryevasiontrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks