Overview

overview

10

Static

static

3

f9148da31f...5N.exe

windows7-x64

10

f9148da31f...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9148da31fec05284129402932eb09e240ec48f713c9fdad33f0f0b87b21f7c5N.exe

  • Size

    164KB

  • Sample

    250116-fqwfcatjhs

  • MD5

    499f59d8b1ad9388842a1973da2dcaa0

  • SHA1

    b19e73677f4e70e5f552dc0c26478189a31f1ff7

  • SHA256

    f9148da31fec05284129402932eb09e240ec48f713c9fdad33f0f0b87b21f7c5

  • SHA512

    7c2a9a7eb7c647c6d93aba7f2543370d4b9836777adacb869fcae4312b0c7f9acc49546199868862bfd358093ba25449049e8b548318a071e68ddb49ea96f84a

  • SSDEEP

    3072:vcf+u4HhwG5A7kJUjc/8JTAf5NRj/BtWsaeEaUsFGWGLorDfxVi67zq44:vBOGu7yf5LVtufcVDpj7zq

Score
10/10
dridexbotnetdiscoveryloader

Malware Config

Extracted

Family

dridex

C2

2.56.212.75:443

103.80.51.61:691

88.220.65.41:3389

185.69.154.108:691

Targets

    • Target

      f9148da31fec05284129402932eb09e240ec48f713c9fdad33f0f0b87b21f7c5N.exe

    • Size

      164KB

    • MD5

      499f59d8b1ad9388842a1973da2dcaa0

    • SHA1

      b19e73677f4e70e5f552dc0c26478189a31f1ff7

    • SHA256

      f9148da31fec05284129402932eb09e240ec48f713c9fdad33f0f0b87b21f7c5

    • SHA512

      7c2a9a7eb7c647c6d93aba7f2543370d4b9836777adacb869fcae4312b0c7f9acc49546199868862bfd358093ba25449049e8b548318a071e68ddb49ea96f84a

    • SSDEEP

      3072:vcf+u4HhwG5A7kJUjc/8JTAf5NRj/BtWsaeEaUsFGWGLorDfxVi67zq44:vBOGu7yf5LVtufcVDpj7zq

    Score
    10/10
    dridexbotnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks