General

  • Target

    478a66918c0c0eb347e87a43d7844ed0N

  • Size

    236KB

  • Sample

    240907-3k9gca1hjq

  • MD5

    478a66918c0c0eb347e87a43d7844ed0

  • SHA1

    554e568e67ec42ad5451f5e8f9336a744d3f0cd4

  • SHA256

    d5f0e38ec25b196edbeb3777672aa1fcbd3551cf3400c2ca3118c53c09da0d92

  • SHA512

    f85b28d8c273fe80422a0e6a6200e188009503d25995cc1b57e9c8495564d37000204c15a31639052f7e5fce87391a8ec377e92e2c12ff377125f88e3a2bd805

  • SSDEEP

    6144:o1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:o1GmSafShjYdd96z/6cwdC

Malware Config

Extracted

Family

dridex

Botnet

111

C2

52.73.70.149:443

8.4.9.152:3786

185.246.87.202:3098

50.116.111.64:5353

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks