dridex | 4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6 | Triage

Submit
Reports

Overview

overview

Static

static

3

4cf578e242...f6.exe

windows7-x64

4cf578e242...f6.exe

windows10-2004-x64

Sharing

General

Target

4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6.exe
Size

738KB
Sample

241218-1e8azstkel
MD5

5bb29ccd2ea2adff9f13623ca432a820
SHA1

3f6baee54f885747be0aab362e99060eb4f656cc
SHA256

4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6
SHA512

86e977623272f54bf9c1358c2ad1c6d59f409c50b8bde1d7b3bb25b7dbbdb69d2ab0aa6240a9481d645ba1886a2c3164a8dc868c5994d04c9f24e2926e5978b5
SSDEEP

12288:KAxp7ZGGOE7E1yPxzurnfvAhsec81X8U8tnx7:KmtZl9wQRurnXg/L1MU8b7

Score

10^/10

dridex 10111 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6.exe

Resource

win7-20241010-en

dridex 10111 botnet discovery loader

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6.exe

Resource

win10v2004-20241007-en

dridex 10111 botnet discovery loader

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6.exe
- Size
  
  738KB
- MD5
  
  5bb29ccd2ea2adff9f13623ca432a820
- SHA1
  
  3f6baee54f885747be0aab362e99060eb4f656cc
- SHA256
  
  4cf578e2422d99e7b78a7c4fc6048957a8fd5aa9b81be3b408f0fe249cfac7f6
- SHA512
  
  86e977623272f54bf9c1358c2ad1c6d59f409c50b8bde1d7b3bb25b7dbbdb69d2ab0aa6240a9481d645ba1886a2c3164a8dc868c5994d04c9f24e2926e5978b5
- SSDEEP
  
  12288:KAxp7ZGGOE7E1yPxzurnfvAhsec81X8U8tnx7:KmtZl9wQRurnXg/L1MU8b7
Score

10^/10

dridex 10111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscoveryloader

behavioral2

dridex10111botnetdiscoveryloader

© 2018-2025

Terms | Privacy