dridex | 51115bd45aa179983b17a232e815b5f3ce5dff3ceafdeac09e7313c1192154ca | Triage

Submit
Reports

Overview

overview

Static

static

3

4b168714cc...0N.dll

windows7-x64

4b168714cc...0N.dll

windows10-2004-x64

Sharing

General

Target

4b168714ccda7dbebbc5b3bd3c31bb70N.exe
Size

184KB
Sample

240816-a7dnzawajc
MD5

4b168714ccda7dbebbc5b3bd3c31bb70
SHA1

9f1562416ea4e1690f132cf139391e2a53ed0b97
SHA256

51115bd45aa179983b17a232e815b5f3ce5dff3ceafdeac09e7313c1192154ca
SHA512

5ab798c94160b2a31ef0530dbe5b7ccb0eb58f3cc7a1161155a6c7750ad88683494dc9c97095c4738afaef12bd54a48623c97ca4ab60cadcdacc44e6a0ad9fc5
SSDEEP

3072:kJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8J2a//2uFrSc:JfYOX+wTScR/Xzku9LVwVuG

Score

10^/10

dridex 22201 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4b168714ccda7dbebbc5b3bd3c31bb70N.dll

Resource

win7-20240704-en

dridex 22201 botnet discovery loader

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

4b168714ccda7dbebbc5b3bd3c31bb70N.dll

Resource

win10v2004-20240802-en

dridex 22201 botnet discovery loader

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  4b168714ccda7dbebbc5b3bd3c31bb70N.exe
- Size
  
  184KB
- MD5
  
  4b168714ccda7dbebbc5b3bd3c31bb70
- SHA1
  
  9f1562416ea4e1690f132cf139391e2a53ed0b97
- SHA256
  
  51115bd45aa179983b17a232e815b5f3ce5dff3ceafdeac09e7313c1192154ca
- SHA512
  
  5ab798c94160b2a31ef0530dbe5b7ccb0eb58f3cc7a1161155a6c7750ad88683494dc9c97095c4738afaef12bd54a48623c97ca4ab60cadcdacc44e6a0ad9fc5
- SSDEEP
  
  3072:kJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8J2a//2uFrSc:JfYOX+wTScR/Xzku9LVwVuG
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader

© 2018-2024

Terms | Privacy