Overview

overview

10

Static

static

3

e19de869cb...34.dll

windows7-x64

10

e19de869cb...34.dll

windows10-2004-x64

10

e19de869cb...34.dll

windows10-ltsc 2021-x64

10

e19de869cb...34.dll

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534.dll

  • Size

    452KB

  • Sample

    241105-pxf4nstnaq

  • MD5

    2f695a1e3e8d36bf867a6f0db74a2d2d

  • SHA1

    594e9e1d516494736dd9e43950c37d6b3ce9e0df

  • SHA256

    e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534

  • SHA512

    efbe503c2b952af52a9e0489cdf8503302a5a5f42a8417f7969d8643a512d45b234e446586b40f5b164bdd8aa62c45325701d56f51f83d4690da2fef29fd67d1

  • SSDEEP

    6144:d6TNpkfE5C6l8UhY2lI8lyQlOulRg1Td1E5xiZy2PPSCbHHgRscRSuRkIR8gRxil:GMEE6aUO268kQQuH0PPTbn5

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.74.143.53:443

175.107.196.23:6891

131.100.24.229:4664
rc4.plain
rc4.plain

Targets

    • Target

      e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534.dll

    • Size

      452KB

    • MD5

      2f695a1e3e8d36bf867a6f0db74a2d2d

    • SHA1

      594e9e1d516494736dd9e43950c37d6b3ce9e0df

    • SHA256

      e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534

    • SHA512

      efbe503c2b952af52a9e0489cdf8503302a5a5f42a8417f7969d8643a512d45b234e446586b40f5b164bdd8aa62c45325701d56f51f83d4690da2fef29fd67d1

    • SSDEEP

      6144:d6TNpkfE5C6l8UhY2lI8lyQlOulRg1Td1E5xiZy2PPSCbHHgRscRSuRkIR8gRxil:GMEE6aUO268kQQuH0PPTbn5

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks