dridex | 9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99 | Triage

Submit
Reports

Overview

overview

Static

static

3

9d96850f37...9N.dll

windows7-x64

9d96850f37...9N.dll

windows10-2004-x64

Sharing

General

Target

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N
Size

184KB
Sample

241021-p2xl8awdpk
MD5

e71c626e7de07c9723b8cd351aa79a30
SHA1

9570402f39d17b6c5e95f26a04b15ab98eb807f8
SHA256

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99
SHA512

6f962bcac345b56237acc01dba053a047f43f31fbc4dc55a9c68e0e23b2f0928ce80f993f7fbdf3f52c3b1207102718b1c9e16d15853be0e30b075583ab24fa3
SSDEEP

3072:mW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngm3Wx9ixCH0u:t8qh+66QsRdNiBW/06ngm3WexC

Score

10^/10

dridex 22203 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N.dll

Resource

win7-20240903-en

dridex 22203 botnet discovery loader

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N.dll

Resource

win10v2004-20241007-en

dridex 22203 botnet discovery loader

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain

rc4.plain

Targets

- Target
  
  9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N
- Size
  
  184KB
- MD5
  
  e71c626e7de07c9723b8cd351aa79a30
- SHA1
  
  9570402f39d17b6c5e95f26a04b15ab98eb807f8
- SHA256
  
  9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99
- SHA512
  
  6f962bcac345b56237acc01dba053a047f43f31fbc4dc55a9c68e0e23b2f0928ce80f993f7fbdf3f52c3b1207102718b1c9e16d15853be0e30b075583ab24fa3
- SSDEEP
  
  3072:mW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngm3Wx9ixCH0u:t8qh+66QsRdNiBW/06ngm3WexC
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader

© 2018-2024

Terms | Privacy