dridex | 715b0799c3db5307a402611daafd191baabd2ba9d580f086fe42e20e5fed8e7c | Triage

Submit
Reports

Overview

overview

Static

static

3

c95131572a...0N.dll

windows7-x64

c95131572a...0N.dll

windows10-2004-x64

Sharing

General

Target

c95131572adc4115f3ecbe21f537afa0N
Size

188KB
Sample

240826-ak7crstdqh
MD5

c95131572adc4115f3ecbe21f537afa0
SHA1

da0cf956f67aed2eabee6d32db828ea5c8ce6cd8
SHA256

715b0799c3db5307a402611daafd191baabd2ba9d580f086fe42e20e5fed8e7c
SHA512

ec1a366d2354e989f1be26da602d79c7b1d5aa4e18e41ba2258eebbb37e2fe927f61e89516f99b3c107b76d0a209a721baba0f548035842ad12282eb78823b6d
SSDEEP

3072:aVQvaAHkST6gWMlS5bGoU7jAgjP4M1/cc7PbTp1CV9nEwivYUcRoYt:aVQCAESHWMObGsM1l7XTqnxZf

Score

10^/10

dridex 111 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c95131572adc4115f3ecbe21f537afa0N.dll

Resource

win7-20240704-en

dridex 111 botnet discovery loader

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

c95131572adc4115f3ecbe21f537afa0N.dll

Resource

win10v2004-20240802-en

dridex 111 botnet discovery loader

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

dridex

Botnet

111

C2

213.202.229.72:3074

85.25.144.36:4643

202.91.8.121:4643

107.175.87.150:3889

rc4.plain

rc4.plain

Targets

- Target
  
  c95131572adc4115f3ecbe21f537afa0N
- Size
  
  188KB
- MD5
  
  c95131572adc4115f3ecbe21f537afa0
- SHA1
  
  da0cf956f67aed2eabee6d32db828ea5c8ce6cd8
- SHA256
  
  715b0799c3db5307a402611daafd191baabd2ba9d580f086fe42e20e5fed8e7c
- SHA512
  
  ec1a366d2354e989f1be26da602d79c7b1d5aa4e18e41ba2258eebbb37e2fe927f61e89516f99b3c107b76d0a209a721baba0f548035842ad12282eb78823b6d
- SSDEEP
  
  3072:aVQvaAHkST6gWMlS5bGoU7jAgjP4M1/cc7PbTp1CV9nEwivYUcRoYt:aVQCAESHWMObGsM1l7XTqnxZf
Score

10^/10

dridex 111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex111botnetdiscoveryloader

behavioral2

dridex111botnetdiscoveryloader

© 2018-2024

Terms | Privacy