dridex | f0678b26a28ea7dc1c6e8c68887be3230ec554a4f44bc84547f71f5d7a2dc7cd | Triage

Submit
Reports

Overview

overview

Static

static

3

04aa21dfb0...0N.dll

windows7-x64

04aa21dfb0...0N.dll

windows10-2004-x64

Sharing

General

Target

04aa21dfb0b6c40beb94794c0f479e80N.exe
Size

184KB
Sample

240818-zm2bzatcrc
MD5

04aa21dfb0b6c40beb94794c0f479e80
SHA1

1914767a2d8e2a18845e10dc4ad30e0377ad0619
SHA256

f0678b26a28ea7dc1c6e8c68887be3230ec554a4f44bc84547f71f5d7a2dc7cd
SHA512

74d0652a72107a1a6664a6ee92b4239428c4f7f13e26650b8b02453fdf98745e2d7cca487f5d49e204b648c8e148a444141fc4830aec044e1ccf0e25209bcdfc
SSDEEP

3072:QJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JDa//2uFrSc:tfYOX+wTScR/Xzku9LVw8uG

Score

10^/10

dridex 22201 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

04aa21dfb0b6c40beb94794c0f479e80N.dll

Resource

win7-20240708-en

dridex 22201 botnet discovery loader

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

04aa21dfb0b6c40beb94794c0f479e80N.dll

Resource

win10v2004-20240802-en

dridex 22201 botnet discovery loader

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  04aa21dfb0b6c40beb94794c0f479e80N.exe
- Size
  
  184KB
- MD5
  
  04aa21dfb0b6c40beb94794c0f479e80
- SHA1
  
  1914767a2d8e2a18845e10dc4ad30e0377ad0619
- SHA256
  
  f0678b26a28ea7dc1c6e8c68887be3230ec554a4f44bc84547f71f5d7a2dc7cd
- SHA512
  
  74d0652a72107a1a6664a6ee92b4239428c4f7f13e26650b8b02453fdf98745e2d7cca487f5d49e204b648c8e148a444141fc4830aec044e1ccf0e25209bcdfc
- SSDEEP
  
  3072:QJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JDa//2uFrSc:tfYOX+wTScR/Xzku9LVw8uG
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader

© 2018-2024

Terms | Privacy