dridex | d4f410906dd7f5c28d07bade1a6a947b8c2abaf337405738b34868e7a08e0938 | Triage

Sharing

General

Target

ef6340f935c634746d3a8745e7683427_JaffaCakes118
Size

1.1MB
Sample

240414-yqszbsfa4y
MD5

ef6340f935c634746d3a8745e7683427
SHA1

88f04d06661693c6259e1fefa5a01fcd621b4d92
SHA256

d4f410906dd7f5c28d07bade1a6a947b8c2abaf337405738b34868e7a08e0938
SHA512

a97fa186192c4209a5c72f26c6758791f8b09c164bc1821c94209a4d0750fcfefb76d79a0fa4ecb37964c3b6cbad432cb2ed0b2e45b83a26979efca6d63aa72c
SSDEEP

12288:5M+ZdkmHubeaCo6Lga1w2A/sUQBJ8svp:5McpTo6sg+0BOo

Score

10^/10

dridex 10111 botnet discovery evasion trojan

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

177.52.173.20:9043

192.100.170.1:10172

166.62.103.55:7443

rc4.plain

rc4.plain

Targets

- Target
  
  ef6340f935c634746d3a8745e7683427_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  ef6340f935c634746d3a8745e7683427
- SHA1
  
  88f04d06661693c6259e1fefa5a01fcd621b4d92
- SHA256
  
  d4f410906dd7f5c28d07bade1a6a947b8c2abaf337405738b34868e7a08e0938
- SHA512
  
  a97fa186192c4209a5c72f26c6758791f8b09c164bc1821c94209a4d0750fcfefb76d79a0fa4ecb37964c3b6cbad432cb2ed0b2e45b83a26979efca6d63aa72c
- SSDEEP
  
  12288:5M+ZdkmHubeaCo6Lga1w2A/sUQBJ8svp:5McpTo6sg+0BOo
Score

10^/10

dridex 10111 botnet discovery evasion trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

dridex10111botnetdiscoveryevasiontrojan

behavioral2

dridex10111botnetdiscoveryevasiontrojan