General

  • Target

    86d411672feb96c86028bc1b92b24a82f466142eb69114a678239e03c1035146

  • Size

    844KB

  • Sample

    250223-bp95wsvqv4

  • MD5

    3e9263f8e367d1ca5323180b4f97062c

  • SHA1

    e1994d805eb16ca16a5a88a96702b15822bdc1b2

  • SHA256

    86d411672feb96c86028bc1b92b24a82f466142eb69114a678239e03c1035146

  • SHA512

    9c069af43f7ea6412bf6eeddb063a090e19de725d577bc41891495845984262c9ebdb698727afcb82327f60bed62a7019dd55a9139390d6635c522109e14bd16

  • SSDEEP

    12288:mh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p2N1:m74xw9ddURN6p2N

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader 'dmod' strings

      Detects 'dmod' strings in Dridex loader.

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks