General

  • Target

    Trojan.Win32.Dridex.pz6f8f87d42de16b9ad9ca77375e150a4c697cb3efd7df5600cf7147d23ac681b3N

  • Size

    1.1MB

  • Sample

    240917-kkdesstfle

  • MD5

    eb730c417dad437e32c709051c836f00

  • SHA1

    6214f3ce1c8a0ccd6a06af4092fa28bbf2e8ad7d

  • SHA256

    6f8f87d42de16b9ad9ca77375e150a4c697cb3efd7df5600cf7147d23ac681b3

  • SHA512

    abc06c06736a875d60daf26bd50236997ade61fdd58c14491e0010f09810e6ef408abca90dbd546cf49c73baa4875365a211ef9430ec4cde088180d1664b5be4

  • SSDEEP

    6144:DzWxkOP4p2EesvcDi6DOHPJ8/bbMU4h6ijlaWWaLNVdi7r:uSOP47es0e6yHPJ8/bbMU4hV8WWajdin

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    144.76.1.150:443
    50.249.212.98:23399
    104.168.154.79:5007

  • rc4.plain

  • rc4.plain
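The hashes in the General section and the C2 endpoints in the extracted config are the actionable IOCs on this page. The script below, added here as an example and not part of the sandbox report or the Dridex sample, turns them into two checks a responder would actually run: verifying whether a file on disk is this exact sample, and scanning connection logs for traffic to the listed C2 ip:port pairs (an IP hit on a different port is reported at lower confidence, since the same host may serve another port). The IOC values are copied from the report; the log lines and their format are constructed for the demonstration and are an assumption.

```python
"""IOC checks built from the Dridex report above.

Added example: the hash and C2 values are taken from the report; the
log format and the sample log lines are constructed for this demo.
"""
import hashlib
import re

# Copied from the report's General section.
SAMPLE_HASHES = {
    "md5": "eb730c417dad437e32c709051c836f00",
    "sha1": "6214f3ce1c8a0ccd6a06af4092fa28bbf2e8ad7d",
    "sha256": "6f8f87d42de16b9ad9ca77375e150a4c697cb3efd7df5600cf7147d23ac681b3",
}

# Copied from the report's extracted config (Botnet 22201).
BOTNET_ID = "22201"
C2_ENDPOINTS = {
    ("144.76.1.150", 443),
    ("50.249.212.98", 23399),
    ("104.168.154.79", 5007),
}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}


def _digest(chunks):
    """Feed an iterable of byte chunks to md5/sha1/sha256 in one pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    """Digests of an in-memory blob (handy for extracted payloads)."""
    return _digest([data])


def hash_file(path):
    """Digests of a file on disk, streamed so large files do not load whole."""
    with open(path, "rb") as fh:
        return _digest(iter(lambda: fh.read(1 << 20), b""))


def matches_sample(digests):
    """True only if every digest agrees with the report; one mismatch
    means a different file (e.g. a repacked build of the same family)."""
    return all(digests.get(name) == value for name, value in SAMPLE_HASHES.items())


# Constructed log format (assumption): "<ts> src=<ip>:<port> dst=<ip>:<port> proto=tcp"
LOG_RE = re.compile(r"src=(?P<src>[\d.]+):(?P<sport>\d+)\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)")


def scan_connection_log(lines):
    """Return (line_no, dst_ip, dst_port, confidence) for each outbound
    connection to a reported C2. Exact ip:port is 'high'; the C2 IP on
    another port is 'medium' and worth a look rather than an alert."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if not m:
            continue
        dst, dport = m["dst"], int(m["dport"])
        if (dst, dport) in C2_ENDPOINTS:
            hits.append((n, dst, dport, "high"))
        elif dst in C2_IPS:
            hits.append((n, dst, dport, "medium"))
    return hits


# Constructed sample log: lines 2 and 4 are exact C2 hits, line 5 is the
# third C2 host on an unlisted port, the rest is benign noise.
SAMPLE_LOG = [
    "2024-09-17T10:21:01Z src=10.0.0.23:51230 dst=93.184.216.34:443 proto=tcp",
    "2024-09-17T10:21:04Z src=10.0.0.23:51234 dst=144.76.1.150:443 proto=tcp",
    "2024-09-17T10:21:05Z src=10.0.0.23:51235 dst=10.0.0.1:53 proto=udp",
    "2024-09-17T10:21:09Z src=10.0.0.23:51240 dst=104.168.154.79:5007 proto=tcp",
    "2024-09-17T10:21:12Z src=10.0.0.23:51241 dst=50.249.212.98:8443 proto=tcp",
]

if __name__ == "__main__":
    for line_no, ip, port, conf in scan_connection_log(SAMPLE_LOG):
        print(f"line {line_no}: {ip}:{port} botnet={BOTNET_ID} confidence={conf}")
```

To check a suspect file, call `matches_sample(hash_file("suspect.bin"))`; the multi-hash comparison guards against a single colliding or mistyped digest, and `scan_connection_log` can be pointed at any log source once `LOG_RE` is adapted to its field names.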

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that steals online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks