General

  • Target

    e43c2a90e7de672e160ac5e8dd2e4df132d8292e295b721b82de368d3e6f8630

  • Size

    157KB

  • Sample

    240417-qw8mzabe2v

  • MD5

    dca52f8bac9438bca07514cde48e6f72

  • SHA1

    39ee5f4a3ee8351a19f1496845e21b763a7d7329

  • SHA256

    e43c2a90e7de672e160ac5e8dd2e4df132d8292e295b721b82de368d3e6f8630

  • SHA512

    4ba151683ec56884e64a983b133567df35529ffba073c89ef8d19fae5808286b3d096493c02e1b9bca976e63ce6111d2f085b9c0230f4f8fde2b1fde1c05a5f6

  • SSDEEP

    3072:TGieDzbb+Lk9fkIU93itdVbZffhs2F9JA4GALpHP1aXcBAZfvmcZB8+8166k:plk9UGdVvs+Jl9H9KsO8Q

Score
10/10

Malware Config

Extracted

Family

dridex

C2

198.61.168.254:443

51.255.165.160:3389

209.126.105.6:884

Targets

    • Target

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115.exe

    • Size

      241KB

    • MD5

      e614a69d706913376ab2bb20a703dcf5

    • SHA1

      3a83bb68be29e1f18fc9d328d952fd228abfae2a

    • SHA256

      4fccd38f504290cf5c70e7336071a90a064303c7fdf5c17f7c38001768bce115

    • SHA512

      dd22042b471b608b7a52d531d3b690d35cbe684333cd88c55709b6b562f81d3c02e866ad95fb4e6d62908005cd9e5ae01e88d3c86346ce0c2c156036b72b77ec

    • SSDEEP

      3072:KWiPOo14wwI606CzpJEPlp+K2b1WvAUQdk5m84D2KQdXtvkDqW0TrHbed2rT2pN8:KWdEj6rapJEPr11AXdQm84Dr0OOPSR4

    Score
    10/10
    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks