dridex | 79459fe86d3076460b6b4c5fde60e08450d8c35162f7d27eb4e2d1021c5c5a39 | Triage

Sharing

General

Target

e8019130d3f3f1166d05638abdf1283a_JaffaCakes118
Size

1.1MB
Sample

240408-vyc2aseg58
MD5

e8019130d3f3f1166d05638abdf1283a
SHA1

0b4e5a94b1733c0cdaacc11bc88abf87b0520842
SHA256

79459fe86d3076460b6b4c5fde60e08450d8c35162f7d27eb4e2d1021c5c5a39
SHA512

00fd3cece2d73390fbdaba630b918fcbec66bc9246cabd2bcc414134d2a8d0f9da6bd1cfbeaa11e46c04656a975cc5c770a3dc21ec4cc650e585efd663229496
SSDEEP

12288:bM+ZdkmHubeaCo6TRg522A/sUQBJ8Gvp:bMcpTo6a00BOq

Score

10^/10

dridex 10111 botnet discovery evasion trojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

176.9.89.122:10172

147.91.31.1:6225

103.30.247.115:7443

rc4.plain

rc4.plain

Targets

- Target
  
  e8019130d3f3f1166d05638abdf1283a_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  e8019130d3f3f1166d05638abdf1283a
- SHA1
  
  0b4e5a94b1733c0cdaacc11bc88abf87b0520842
- SHA256
  
  79459fe86d3076460b6b4c5fde60e08450d8c35162f7d27eb4e2d1021c5c5a39
- SHA512
  
  00fd3cece2d73390fbdaba630b918fcbec66bc9246cabd2bcc414134d2a8d0f9da6bd1cfbeaa11e46c04656a975cc5c770a3dc21ec4cc650e585efd663229496
- SSDEEP
  
  12288:bM+ZdkmHubeaCo6TRg522A/sUQBJ8Gvp:bMcpTo6a00BOq
Score

10^/10

dridex 10111 botnet discovery evasion trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

dridex10111botnetdiscoveryevasiontrojan

behavioral2

dridex10111botnetdiscoveryevasiontrojan