dridex | 545af9bd816824fd087dd019a322caa614410e8f97484f52ca89d92781421f46 | Triage

Sharing

General

Target

3.bin
Size

236KB
Sample

220518-nev97sbhcl
MD5

e36be02e35ef401baeb5b09654519b78
SHA1

22174f824fc0917d6ac0c23f647b8c7238be3b11
SHA256

545af9bd816824fd087dd019a322caa614410e8f97484f52ca89d92781421f46
SHA512

dd7e65416332177f8643e5236ba7fe594b2018db970c925d871a8166e13703bf148594f5572de0cf83588dd2ba50c3317ca3a79b8959cb9a61078750bf4f75cc

Score

10^/10

dridex 10111 discovery evasion trojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

51.68.224.245:4646

188.165.17.91:8443

173.255.246.77:691

rc4.plain

rc4.plain

Targets

- Target
  
  3.bin
- Size
  
  236KB
- MD5
  
  e36be02e35ef401baeb5b09654519b78
- SHA1
  
  22174f824fc0917d6ac0c23f647b8c7238be3b11
- SHA256
  
  545af9bd816824fd087dd019a322caa614410e8f97484f52ca89d92781421f46
- SHA512
  
  dd7e65416332177f8643e5236ba7fe594b2018db970c925d871a8166e13703bf148594f5572de0cf83588dd2ba50c3317ca3a79b8959cb9a61078750bf4f75cc
Score

6^/10

discovery evasion trojan
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan