dridex | 996f372c2f62ac086ac9b187e5cbea5d8072431ffee0dbde26a93c50e64ee03f | Triage

Sharing

General

Target

996f372c2f62ac086ac9b187e5cbea5d8072431ffee0dbde26a93c50e64ee03f
Size

236KB
Sample

220205-pnjhfabeer
MD5

8b4ea1c5d97ed4b9fa824f691fbd7ebe
SHA1

8cfae5501e740d0618ad1aaa33b3a7286cf62051
SHA256

996f372c2f62ac086ac9b187e5cbea5d8072431ffee0dbde26a93c50e64ee03f
SHA512

07c83b827d2063b257c56460db249628cb4dbd5bba85a6f714c46b436f32532f2f11c62677334afb37c30ebd168076b705aea1516c4b0e5a37eafc406de5f8f4

Score

10^/10

dridex 40300 botnet

Malware Config

Extracted

Family

dridex

Botnet

40300

C2

104.255.102.110:443

156.67.218.141:8443

108.170.32.62:3389

82.98.141.106:1443

rc4.plain

rc4.plain

Targets

- Target
  
  996f372c2f62ac086ac9b187e5cbea5d8072431ffee0dbde26a93c50e64ee03f
- Size
  
  236KB
- MD5
  
  8b4ea1c5d97ed4b9fa824f691fbd7ebe
- SHA1
  
  8cfae5501e740d0618ad1aaa33b3a7286cf62051
- SHA256
  
  996f372c2f62ac086ac9b187e5cbea5d8072431ffee0dbde26a93c50e64ee03f
- SHA512
  
  07c83b827d2063b257c56460db249628cb4dbd5bba85a6f714c46b436f32532f2f11c62677334afb37c30ebd168076b705aea1516c4b0e5a37eafc406de5f8f4
Score

10^/10

dridex 40300 botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40300botnet

behavioral2