Overview

overview

10

Static

static

1

4fccd38f50...15.exe

windows7-x64

10

4fccd38f50...15.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d620b2d4891c3396a68c371391bf3a24ec7819f1f0484b9123f1fe0eb45b4998

  • Size

    157KB

  • Sample

    240417-qghg8sad7s

  • MD5

    c4a5a8b041cc2be70f7bb568ab11969d

  • SHA1

    f7e718dc70ee7e707203937ed0a64361639f0175

  • SHA256

    d620b2d4891c3396a68c371391bf3a24ec7819f1f0484b9123f1fe0eb45b4998

  • SHA512

    154658438de49bcfd1560fdbdad037ea44187018b2d133f79e8a82f3b1959409cd99d7e5847003ce56cfaef03ab1cb452f8587abbc67eac6ee9c9aef0d38b25b

  • SSDEEP

    3072:/xzwbFrCCvU6DZ+r3NQXtfeW0pNth+WLnyyXZ+9Eik9ujUs+Vzoj3wrY:oRsGZ+r3NQ9wv5n7Z+9EP4gs+VzKCY

Score
10/10
dridexbotnetloader

Malware Config

Extracted

Family

dridex

C2

198.61.168.254:443

51.255.165.160:3389

209.126.105.6:884

Targets

    • Target

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115.exe

    • Size

      241KB

    • MD5

      e614a69d706913376ab2bb20a703dcf5

    • SHA1

      3a83bb68be29e1f18fc9d328d952fd228abfae2a

    • SHA256

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115

    • SHA512

      dd22042b471b608b7a52d531d3b690d35cbe684333cd88c55709b6b562f81d3c02e866ad95fb4e6d62908005cd9e5ae01e88d3c86346ce0c2c156036b72b77ec

    • SSDEEP

      3072:KWiPOo14wwI606CzpJEPlp+K2b1WvAUQdk5m84D2KQdXtvkDqW0TrHbed2rT2pN8:KWdEj6rapJEPr11AXdQm84Dr0OOPSR4

    Score
    10/10
    dridexbotnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks