dridex | 868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a | Triage

Submit
Reports

Overview

overview

Static

static

3

868bffcef3...3a.exe

windows7-x64

868bffcef3...3a.exe

windows10-2004-x64

Sharing

General

Target

868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a.exe
Size

168KB
Sample

250225-e19kaatry7
MD5

149c4d1d0e5d83771fa028a373e9936f
SHA1

c1549fee07ec73c2b649e9f69193420544a9e024
SHA256

868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a
SHA512

413031e56f00c7a0e35e23f86e856cdf2450bc985d30147d5688ddff4a0cd712f5338ad611b5a1b772d44517ea60d727ffa7baef6ef5b39f4fc7855b562c8560
SSDEEP

3072:QFKzngUjWcmyJHsAFOBEUkwMiOYEIBBnr+yaES22n9QBbSj+kTNy027Aizyv4QpD:QFKsShLJHdkhLOYEIBBrda2QnTNlAATH

Score

10^/10

dridex botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a.exe

Resource

win7-20240903-en

dridex botnet discovery loader

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a.exe

Resource

win10v2004-20250217-en

dridex botnet discovery loader

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

dridex

C2

185.14.148.34:443

62.75.159.154:884

92.222.219.26:4433

207.210.242.14:3389

Targets

- Target
  
  868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a.exe
- Size
  
  168KB
- MD5
  
  149c4d1d0e5d83771fa028a373e9936f
- SHA1
  
  c1549fee07ec73c2b649e9f69193420544a9e024
- SHA256
  
  868bffcef3c7af0b582a566c95f3923d304a152017a940e7079766b4fbf3223a
- SHA512
  
  413031e56f00c7a0e35e23f86e856cdf2450bc985d30147d5688ddff4a0cd712f5338ad611b5a1b772d44517ea60d727ffa7baef6ef5b39f4fc7855b562c8560
- SSDEEP
  
  3072:QFKzngUjWcmyJHsAFOBEUkwMiOYEIBBnr+yaES22n9QBbSj+kTNy027Aizyv4QpD:QFKsShLJHdkhLOYEIBBrda2QnTNlAATH
Score

10^/10

dridex botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscoveryloader

behavioral2

dridexbotnetdiscoveryloader

© 2018-2025

Terms | Privacy