dridex | 8c9b7977acbf048abb5ac04456b3d6ba10679dfdfdce037da68232351f19d470 | Triage

Sharing

General

Target

8c9b7977acbf048abb5ac04456b3d6ba10679dfdfdce037da68232351f19d470
Size

232KB
Sample

220205-qb5etabhbq
MD5

b532e7be3cc6255ea989b8c75ae790f5
SHA1

63b0c1bd46f7ac30948062a205d2a1014e2ee80a
SHA256

8c9b7977acbf048abb5ac04456b3d6ba10679dfdfdce037da68232351f19d470
SHA512

aabfffc8b4d43d997e70f5dd9a20cff93c03fad6e480f4a7ab36f8e3b156f1703451fb6e7b8d372c406e7b3baa27e52942461912f42f39879b7cfcfa6f72ff1b

Score

10^/10

dridex 40400 botnet

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

104.168.154.79:443

173.212.212.173:3074

80.86.81.31:3389

85.25.185.155:691

rc4.plain

rc4.plain

Targets

- Target
  
  8c9b7977acbf048abb5ac04456b3d6ba10679dfdfdce037da68232351f19d470
- Size
  
  232KB
- MD5
  
  b532e7be3cc6255ea989b8c75ae790f5
- SHA1
  
  63b0c1bd46f7ac30948062a205d2a1014e2ee80a
- SHA256
  
  8c9b7977acbf048abb5ac04456b3d6ba10679dfdfdce037da68232351f19d470
- SHA512
  
  aabfffc8b4d43d997e70f5dd9a20cff93c03fad6e480f4a7ab36f8e3b156f1703451fb6e7b8d372c406e7b3baa27e52942461912f42f39879b7cfcfa6f72ff1b
Score

10^/10

dridex 40400 botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnet

behavioral2