Overview

overview

10

Static

static

3

f88dd9ea16...0N.dll

windows7-x64

10

f88dd9ea16...0N.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f88dd9ea16e9c69978cc4411a80454c0N

  • Size

    179KB

  • Sample

    240914-pmxnnstclm

  • MD5

    f88dd9ea16e9c69978cc4411a80454c0

  • SHA1

    303f2e5b58f216646f3151b56cd2df88591395c3

  • SHA256

    f2e603061682c9efc415808466641582acaca10b1a5dbb2bb800a6298b977139

  • SHA512

    85caea300bfc2433c308b7ff5d9edac3a949ec464a248cd56d3acd633ab7de8e981511e5c2fc3b272cba862ed1891abd9c0d0d40dd5490530f08dd013737f345

  • SSDEEP

    3072:OWX2IjzzpM+PncPeY8+O3AU3HRIHPh3UGfXy0BHNkIv/ScbQQ2y0iNM0+y+N0tcc:O42IfzNPnoeY8j3AsHGPXpHNj6rByM36

Score
10/10
dridex40111botnetdiscoveryevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

94.247.168.64:443

159.203.93.122:8172

50.116.27.97:2303
rc4.plain
rc4.plain

Targets

    • Target

      f88dd9ea16e9c69978cc4411a80454c0N

    • Size

      179KB

    • MD5

      f88dd9ea16e9c69978cc4411a80454c0

    • SHA1

      303f2e5b58f216646f3151b56cd2df88591395c3

    • SHA256

      f2e603061682c9efc415808466641582acaca10b1a5dbb2bb800a6298b977139

    • SHA512

      85caea300bfc2433c308b7ff5d9edac3a949ec464a248cd56d3acd633ab7de8e981511e5c2fc3b272cba862ed1891abd9c0d0d40dd5490530f08dd013737f345

    • SSDEEP

      3072:OWX2IjzzpM+PncPeY8+O3AU3HRIHPh3UGfXy0BHNkIv/ScbQQ2y0iNM0+y+N0tcc:O42IfzNPnoeY8j3AsHGPXpHNj6rByM36

    Score
    10/10
    dridex40111botnetdiscoveryevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks