Overview

overview

10

Static

static

622f4aa2d5...d5.exe

windows7_x64

10

622f4aa2d5...d5.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    622f4aa2d5e82438f3a40a35ab4902d5

  • Size

    164KB

  • Sample

    210714-zpq88b5yls

  • MD5

    622f4aa2d5e82438f3a40a35ab4902d5

  • SHA1

    b486db47021575c47e7b130bed1ad70b8bf6a719

  • SHA256

    277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a

  • SHA512

    2526c4ddad898208f5c3884e869beb35955a85ed92b628e1f7622daaf84d1f5e14071e6ab6984b8431eb9d127ae0e32c927699a40ef448169f81f74023df3446

Score
10/10
dridex22202botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

202.29.60.34:443

66.175.217.172:13786

78.46.78.42:9043
rc4.plain
rc4.plain

Targets

    • Target

      622f4aa2d5e82438f3a40a35ab4902d5

    • Size

      164KB

    • MD5

      622f4aa2d5e82438f3a40a35ab4902d5

    • SHA1

      b486db47021575c47e7b130bed1ad70b8bf6a719

    • SHA256

      277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a

    • SHA512

      2526c4ddad898208f5c3884e869beb35955a85ed92b628e1f7622daaf84d1f5e14071e6ab6984b8431eb9d127ae0e32c927699a40ef448169f81f74023df3446

    Score
    10/10
    dridex22202botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks