General

  • Target

    7fd193ca6e06d80ebafc3b8e88c29923373d7e09bdc9e0263b4bf71408ff088b

  • Size

    157KB

  • Sample

    240417-qcfg3sgf32

  • MD5

    4ef72b176417f92fef0e18b42a16b76c

  • SHA1

    5c9f2e0dca3b7c5b5781db0b77bdc2d1597ca114

  • SHA256

    7fd193ca6e06d80ebafc3b8e88c29923373d7e09bdc9e0263b4bf71408ff088b

  • SHA512

    1090fd3b14f992585241b78c98cacdf3f34a9bbb60ea5cf03ff08a7149a52ecd337d9449cbf902f60bfd05733a21571627ddc9ce7d5cb8009c24e10176f7df28

  • SSDEEP

    3072:+HTx0r18s7cNULmae9IgutiYz11REh0o+d9Jshw6PrlFpozvAEe:qarKbNULmae6NtF51REeo+Zj6xbocb

Score
10/10

Malware Config

Extracted

Family

dridex

C2

198.61.168.254:443

51.255.165.160:3389

209.126.105.6:884

Targets

    • Target

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115.exe

    • Size

      241KB

    • MD5

      e614a69d706913376ab2bb20a703dcf5

    • SHA1

      3a83bb68be29e1f18fc9d328d952fd228abfae2a

    • SHA256

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115

    • SHA512

      dd22042b471b608b7a52d531d3b690d35cbe684333cd88c55709b6b562f81d3c02e866ad95fb4e6d62908005cd9e5ae01e88d3c86346ce0c2c156036b72b77ec

    • SSDEEP

      3072:KWiPOo14wwI606CzpJEPlp+K2b1WvAUQdk5m84D2KQdXtvkDqW0TrHbed2rT2pN8:KWdEj6rapJEPr11AXdQm84Dr0OOPSR4

    Score
    10/10

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.

MITRE ATT&CK Matrix

Tasks