General

  • Target

    1691ee8af1589da646535b0368f98b40N

  • Size

    179KB

  • Sample

    240911-f5xxqavckk

  • MD5

    1691ee8af1589da646535b0368f98b40

  • SHA1

    aac651979e1bcec156fa0987d39fdaca80b87d72

  • SHA256

    39a70e2aadc823ff8fb1fe41f4885599e81c2c869e08bcf23efafc7efb97b59d

  • SHA512

    af70b64ef0b10cf9eeae17b706dcf3606200deb9a3d6aaa3828464bc963a875a0df7756c3129df97f7ca6e681fedc5652573a397e83a08eff7078a24fe5217b8

  • SSDEEP

    3072:wuCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJj:czWxkOP4p2EesvcDi6DOHPJ0

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    144.76.1.150:443

    50.249.212.98:23399

    104.168.154.79:5007

  • rc4.plain

  • rc4.plain

Targets

    • Target

      1691ee8af1589da646535b0368f98b40N

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks