General

  • Target

    11afa7d04a73a082e6524aa92281e570N

  • Size

    236KB

  • Sample

    240910-bw3pdssbqb

  • MD5

    11afa7d04a73a082e6524aa92281e570

  • SHA1

    9422aa76fd425367ce2ff8de8151725e9da57133

  • SHA256

    9beb14616ccc7d35a7e998e9767dbf363df3d3ce0296987d1b5468f6af858ab0

  • SHA512

    3f8d819847e75138a3c0366bedbbffba09f2dbaa627ee8490dd1208a66cfba02ff48e4314329fc3bd820c2492ccf87cc34f85849d230d8775114c2415a7ab015

  • SSDEEP

    6144:b1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:b1GmSafShjYdd96z/6cwdC

Malware Config

Extracted

Family

dridex

Botnet

111

C2

52.73.70.149:443

8.4.9.152:3786

185.246.87.202:3098

50.116.111.64:5353

rc4.plain
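The extracted config above is the actionable part of this report: a botnet ID and four C2 endpoints, three of them on non-standard ports. As an added example (not part of the sandbox report, and not Dridex's or any tool's own code), the Python below turns that config into network indicators, matches them against a few constructed Zeek conn.log-style lines, and emits Suricata rules for each endpoint. The log lines and the `sid` base are constructed for illustration.

```python
"""Turn the extracted Dridex config into network detections.

Added example, not part of the original report. The config values are the ones
listed on the page; the conn.log lines and the rule SIDs are constructed.
"""

# Extracted config as listed on the page (family, botnet id, C2 endpoints).
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "111",
    "c2": [
        "52.73.70.149:443",
        "8.4.9.152:3786",
        "185.246.87.202:3098",
        "50.116.111.64:5353",
    ],
}

# Constructed Zeek conn.log-style lines (TSV):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto, service
# C4 is ordinary mDNS (UDP to multicast on 5353) and must NOT match,
# even though the port collides with one of the C2 ports.
SAMPLE_CONN_LOG = """\
1725951000.1\tC1\t10.0.0.5\t49152\t52.73.70.149\t443\ttcp\tssl
1725951001.2\tC2\t10.0.0.5\t49153\t93.184.216.34\t443\ttcp\tssl
1725951002.3\tC3\t10.0.0.7\t49154\t50.116.111.64\t5353\ttcp\t-
1725951003.4\tC4\t10.0.0.7\t5353\t224.0.0.251\t5353\tudp\tdns
1725951004.5\tC5\t10.0.0.9\t49155\t185.246.87.202\t3098\ttcp\tssl
"""


def parse_c2(entries):
    """Split 'host:port' strings into (host, int port) tuples."""
    out = []
    for entry in entries:
        host, port = entry.rsplit(":", 1)
        out.append((host, int(port)))
    return out


def match_conn_log(log_text, config):
    """Return one hit per TCP connection whose responder is a configured C2.

    Matching on the (host, port) pair rather than the host alone avoids
    false positives from unrelated traffic to the same port (see C4).
    """
    c2 = set(parse_c2(config["c2"]))
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        resp = (fields[4], int(fields[5]))
        if fields[6] == "tcp" and resp in c2:
            hits.append({
                "uid": fields[1],
                "src": fields[2],
                "c2": f"{resp[0]}:{resp[1]}",
                "family": config["family"],
                "botnet": config["botnet"],
            })
    return hits


def suricata_rules(config, base_sid=1000001):
    """Emit one Suricata rule per C2 endpoint (base_sid is a constructed value)."""
    rules = []
    for i, (host, port) in enumerate(parse_c2(config["c2"])):
        rules.append(
            f'alert tcp $HOME_NET any -> {host} {port} '
            f'(msg:"Dridex botnet {config["botnet"]} C2 {host}:{port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in match_conn_log(SAMPLE_CONN_LOG, DRIDEX_CONFIG):
        print("HIT", hit)
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
```

IP:port indicators from a single sample are time-bound, so treat the rules as short-lived hunting content rather than permanent signatures. The endpoints on ports 3786, 3098 and 5353 are the higher-signal ones: outbound TCP to those ports from a workstation is rare on its own, whereas a hit on 443 should be corroborated with the in-memory loader detection listed under Targets before escalating.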

Targets

    • Target

      11afa7d04a73a082e6524aa92281e570N

    • Size

      236KB

    • MD5

      11afa7d04a73a082e6524aa92281e570

    • SHA1

      9422aa76fd425367ce2ff8de8151725e9da57133

    • SHA256

      9beb14616ccc7d35a7e998e9767dbf363df3d3ce0296987d1b5468f6af858ab0

    • SHA512

      3f8d819847e75138a3c0366bedbbffba09f2dbaa627ee8490dd1208a66cfba02ff48e4314329fc3bd820c2492ccf87cc34f85849d230d8775114c2415a7ab015

    • SSDEEP

      6144:b1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:b1GmSafShjYdd96z/6cwdC

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Enterprise v15

Tasks