dridex | a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8 | Triage

Submit
Reports

Overview

overview

Static

static

1

a033824a88...f8.exe

windows7-x64

a033824a88...f8.exe

windows10-2004-x64

Sharing

General

Target

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
Size

663KB
Sample

250321-zhdecayygx
MD5

16d809757e4fe9d7b603efb0508a6242
SHA1

ccc93c678580888a4da405b61a1710297a1c3448
SHA256

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
SHA512

b2ebbafba80d94fb729ca5c3eb1f0c5c57cbb414358e181ac804e586bab3a385af49d0e8d9e3e7866c8944000fe1a9c00a5ab6fc5764d18005f5e4b631e32504
SSDEEP

12288:AHcRey4pHcRey4pHcRey4vyqCIkykwW1yaL7TOuCc:ACqCqCj1bykwW11TOnc

Score

10^/10

dridex 10111 botnet discovery loader

Static task

static1

Behavioral task

behavioral1

Sample

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8.exe

Resource

win7-20240903-en

dridex 10111 botnet discovery loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8.exe

Resource

win10v2004-20250314-en

dridex 10111 botnet discovery loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

185.230.161.62:3389

2.58.16.89:8443

rc4.plain

rc4.plain

Targets

- Target
  
  a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
- Size
  
  663KB
- MD5
  
  16d809757e4fe9d7b603efb0508a6242
- SHA1
  
  ccc93c678580888a4da405b61a1710297a1c3448
- SHA256
  
  a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
- SHA512
  
  b2ebbafba80d94fb729ca5c3eb1f0c5c57cbb414358e181ac804e586bab3a385af49d0e8d9e3e7866c8944000fe1a9c00a5ab6fc5764d18005f5e4b631e32504
- SSDEEP
  
  12288:AHcRey4pHcRey4pHcRey4vyqCIkykwW1yaL7TOuCc:ACqCqCj1bykwW11TOnc
Score

10^/10

dridex 10111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader 'dmod' strings
  Detects 'dmod' strings in Dridex loader.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscoveryloader

behavioral2

dridex10111botnetdiscoveryloader

© 2018-2025

Terms | Privacy