dridex | d99aff28ccb4710705d311e25505d37f870fbbb7124e2a3a4a0a0de35768be6b | Triage

Sharing

General

Target

e8588ca73801d77a7ff95de65269b544_JaffaCakes118
Size

1.1MB
Sample

240408-y9s4faba72
MD5

e8588ca73801d77a7ff95de65269b544
SHA1

ebaf186add6aba29debab5da51a1856e1ed0adc4
SHA256

d99aff28ccb4710705d311e25505d37f870fbbb7124e2a3a4a0a0de35768be6b
SHA512

20733d57e3e2cfb398d4a4fc08f8c395913944698e9b554c229f0cd99350607a721ac5de4fe33104896785c7573d48c3250e085dd07ae3f735238a44082bb815
SSDEEP

12288:CM+ZdkmHubeaCo6Lga1w2A/sUQBJ8cvp:CMcpTo6sg+0BO4

Score

10^/10

dridex 10111 botnet discovery evasion trojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

177.52.173.20:9043

192.100.170.1:10172

166.62.103.55:7443

rc4.plain

rc4.plain

Targets

- Target
  
  e8588ca73801d77a7ff95de65269b544_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  e8588ca73801d77a7ff95de65269b544
- SHA1
  
  ebaf186add6aba29debab5da51a1856e1ed0adc4
- SHA256
  
  d99aff28ccb4710705d311e25505d37f870fbbb7124e2a3a4a0a0de35768be6b
- SHA512
  
  20733d57e3e2cfb398d4a4fc08f8c395913944698e9b554c229f0cd99350607a721ac5de4fe33104896785c7573d48c3250e085dd07ae3f735238a44082bb815
- SSDEEP
  
  12288:CM+ZdkmHubeaCo6Lga1w2A/sUQBJ8cvp:CMcpTo6sg+0BO4
Score

10^/10

dridex 10111 botnet discovery evasion trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

dridex10111botnetdiscoveryevasiontrojan

behavioral2

dridex10111botnetdiscoveryevasiontrojan