dridex | 054f665345b0f64873da4c5df8cb0f67699f32052bbda9b8a69e59b9c5ab7a19 | Triage

Sharing

General

Target

e8da045855dc2f1d8dc2a71bef768cbe_JaffaCakes118
Size

1.1MB
Sample

240409-bd4tqshc76
MD5

e8da045855dc2f1d8dc2a71bef768cbe
SHA1

94628dc558ee79e876c26c106b43060ee9e8e92e
SHA256

054f665345b0f64873da4c5df8cb0f67699f32052bbda9b8a69e59b9c5ab7a19
SHA512

8c42fee44251a8acd7916d283377c15c8ad9523b441a7c92e60a32ca75ee23400f13aa2434e1b6e98dc11b3130be345cf0bd7b42104ac8365939b7e2a472784e
SSDEEP

12288:IM+ZdkmHubeaCo6Lga1w2A/sUQBJ8svp:IMcpTo6sg+0BOo

Score

10^/10

dridex 10111 botnet discovery evasion trojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

177.52.173.20:9043

192.100.170.1:10172

166.62.103.55:7443

rc4.plain

rc4.plain

Targets

- Target
  
  e8da045855dc2f1d8dc2a71bef768cbe_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  e8da045855dc2f1d8dc2a71bef768cbe
- SHA1
  
  94628dc558ee79e876c26c106b43060ee9e8e92e
- SHA256
  
  054f665345b0f64873da4c5df8cb0f67699f32052bbda9b8a69e59b9c5ab7a19
- SHA512
  
  8c42fee44251a8acd7916d283377c15c8ad9523b441a7c92e60a32ca75ee23400f13aa2434e1b6e98dc11b3130be345cf0bd7b42104ac8365939b7e2a472784e
- SSDEEP
  
  12288:IM+ZdkmHubeaCo6Lga1w2A/sUQBJ8svp:IMcpTo6sg+0BOo
Score

10^/10

dridex 10111 botnet discovery evasion trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

dridex10111botnetdiscoveryevasiontrojan

behavioral2

dridex10111botnetdiscoveryevasiontrojan