Overview

overview

10

Static

static

3

ca5597ff9d...c8.dll

windows7-x64

10

ca5597ff9d...c8.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca5597ff9df907b5fa4c9a0be2d961af5a1bd7d189997795213308271337b5c8

  • Size

    164KB

  • Sample

    241221-thdr8asncn

  • MD5

    2a9a3d5ecd803b89820d9d816f5d1203

  • SHA1

    857ce79aad8ce6c8f7920d40c067c06a410100ef

  • SHA256

    ca5597ff9df907b5fa4c9a0be2d961af5a1bd7d189997795213308271337b5c8

  • SHA512

    5c775a04097346b06e8be12ae990e86b16457d4624967dd83d65a6f397b8e06e666d1d9735d39103a0fa65403fa153796ee5dec999fdc246a3089e289aeb9346

  • SSDEEP

    3072:BBefihU8fQ2Sob/xg+eNV1A1I3aiI8i3GdVAzuECtNjP3/3ioP7y11a0E:BBefiv/12+2A1AIpFzxCtNjHSoPm11J

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

45.123.40.54:443

82.209.17.209:8172

180.250.21.2:13721
rc4.plain
rc4.plain

Targets

    • Target

      ca5597ff9df907b5fa4c9a0be2d961af5a1bd7d189997795213308271337b5c8

    • Size

      164KB

    • MD5

      2a9a3d5ecd803b89820d9d816f5d1203

    • SHA1

      857ce79aad8ce6c8f7920d40c067c06a410100ef

    • SHA256

      ca5597ff9df907b5fa4c9a0be2d961af5a1bd7d189997795213308271337b5c8

    • SHA512

      5c775a04097346b06e8be12ae990e86b16457d4624967dd83d65a6f397b8e06e666d1d9735d39103a0fa65403fa153796ee5dec999fdc246a3089e289aeb9346

    • SSDEEP

      3072:BBefihU8fQ2Sob/xg+eNV1A1I3aiI8i3GdVAzuECtNjP3/3ioP7y11a0E:BBefiv/12+2A1AIpFzxCtNjHSoPm11J

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks