General

  • Target

    0c535f3181c561d254a92fb3939e28c0N.exe

  • Size

    184KB

  • Sample

    240821-ls7jaavhkm

  • MD5

    0c535f3181c561d254a92fb3939e28c0

  • SHA1

    16b373dc73bc71feaff76d29f8d43b57b77150b3

  • SHA256

    0279cd8667ef857c67f11e91bafebecbe665c4c5ab42b4b4daca848c32a73e11

  • SHA512

    bc49868fffed8a0297c2c0d9c81895c6042c10a37a6cc06462bc3ada91551314cba2214f4340daa53bf0b2edf13aae8b7c7b5b3259c9e149ebb484f662904b08

  • SSDEEP

    3072:T92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTCrLA:T9NSMOEpQ1Q3ODAr+VW

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

Targets

    • Target

      0c535f3181c561d254a92fb3939e28c0N.exe

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks