dridex | 08f2b9d5b3ca38866f7bd8dd25c0aa65e9694b50a27282ebfa6d8d5ec42dda2b | Triage

Submit
Reports

Overview

overview

Static

static

3

3a6e27c0d5...3N.dll

windows7-x64

3a6e27c0d5...3N.dll

windows10-2004-x64

Sharing

General

Target

3a6e27c0d5a262aff3a50f7c1965cd667f1720c31c2f34fafa2506377b622aa3N.exe
Size

184KB
Sample

241112-bd9d8azney
MD5

19efd874be7e59e6310095114e017993
SHA1

899eccddc62b9a480eec0ecb1862a768d7136233
SHA256

08f2b9d5b3ca38866f7bd8dd25c0aa65e9694b50a27282ebfa6d8d5ec42dda2b
SHA512

8a4a47e3a799c6903c606a2c92ebd23a86753499242fbf90338a5f72d2bfd214feae2c9e8e0481c2f14a97793947f6d83c838a80d1eef33f324eddd922928f52
SSDEEP

3072:vJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jla//2uFrSce:8fYOX+wTScR/Xzku9LVwiuGi

Score

10^/10

dridex 22201 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3a6e27c0d5a262aff3a50f7c1965cd667f1720c31c2f34fafa2506377b622aa3N.dll

Resource

win7-20240708-en

dridex 22201 botnet discovery loader

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

3a6e27c0d5a262aff3a50f7c1965cd667f1720c31c2f34fafa2506377b622aa3N.dll

Resource

win10v2004-20241007-en

dridex 22201 botnet discovery loader

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  3a6e27c0d5a262aff3a50f7c1965cd667f1720c31c2f34fafa2506377b622aa3N.exe
- Size
  
  184KB
- MD5
  
  19efd874be7e59e6310095114e017993
- SHA1
  
  899eccddc62b9a480eec0ecb1862a768d7136233
- SHA256
  
  08f2b9d5b3ca38866f7bd8dd25c0aa65e9694b50a27282ebfa6d8d5ec42dda2b
- SHA512
  
  8a4a47e3a799c6903c606a2c92ebd23a86753499242fbf90338a5f72d2bfd214feae2c9e8e0481c2f14a97793947f6d83c838a80d1eef33f324eddd922928f52
- SSDEEP
  
  3072:vJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jla//2uFrSce:8fYOX+wTScR/Xzku9LVwiuGi
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader

© 2018-2024

Terms | Privacy