dridex | 02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747bae | Triage

Submit
Reports

Overview

overview

Static

static

3

02484fd722...eN.exe

windows7-x64

02484fd722...eN.exe

windows10-2004-x64

Sharing

General

Target

02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747baeN.exe
Size

738KB
Sample

241219-clsbcatjfn
MD5

c7d0b6e721f61f7b375349d5ae1c9440
SHA1

7c0041018f140cd3ad6b89a33467c2908a29c13d
SHA256

02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747bae
SHA512

dd8c8d33c469a38e51ca9bb1af533dd51214845340706656b568d8c5eefe3c36fe3549bbc30e510e45b4dc3e9dcc2b04733fddee5fae5b75e6a2b7cf6e6f10a1
SSDEEP

12288:KAxp7ZGGOE7E1yPxzurnfvAhsec81X8U8tnx:KmtZl9wQRurnXg/L1MU8b

Score

10^/10

dridex 10111 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747baeN.exe

Resource

win7-20240903-en

dridex 10111 botnet discovery loader

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747baeN.exe

Resource

win10v2004-20241007-en

dridex 10111 botnet discovery loader

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747baeN.exe
- Size
  
  738KB
- MD5
  
  c7d0b6e721f61f7b375349d5ae1c9440
- SHA1
  
  7c0041018f140cd3ad6b89a33467c2908a29c13d
- SHA256
  
  02484fd7226d433917d4b5d9c501dcf08c100170ee731e70fe72b6139b747bae
- SHA512
  
  dd8c8d33c469a38e51ca9bb1af533dd51214845340706656b568d8c5eefe3c36fe3549bbc30e510e45b4dc3e9dcc2b04733fddee5fae5b75e6a2b7cf6e6f10a1
- SSDEEP
  
  12288:KAxp7ZGGOE7E1yPxzurnfvAhsec81X8U8tnx:KmtZl9wQRurnXg/L1MU8b
Score

10^/10

dridex 10111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscoveryloader

behavioral2

dridex10111botnetdiscoveryloader

© 2018-2025

Terms | Privacy