dridex | 24c5155cd0d39e0db208681909730c4a991478103ee48d1195c4ffbd6bc05978 | Triage

Sharing

General

Target

24c5155cd0d39e0db208681909730c4a991478103ee48d1195c4ffbd6bc05978
Size

311KB
Sample

240417-qsmw4abb7z
MD5

f80663101bffb1ea7d3434d174645769
SHA1

3f2102100fba300ce7d6198aefb7e6d69ed7f301
SHA256

24c5155cd0d39e0db208681909730c4a991478103ee48d1195c4ffbd6bc05978
SHA512

279b6adbc6d5a3cd3cce87ece1361829e77591ceaaf8d652c9529a65ef01e8bbe2e5ac15956ae4c5b9af86bab2ee46044849456bd25dce95a46975edec520b28
SSDEEP

6144:eFgPHbMPwn//ny+cNOTGv2hDwc08hdt3l3mLc80yO9CN6viYjFO:eA7MiK+NT22hIOUL/0nBvzFO

Score

10^/10

dridex 10444 botnet

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

194.225.58.214:443

211.110.44.63:5353

69.164.207.140:3388

198.57.200.100:3786

rc4.plain

rc4.plain

Targets

- Target
  
  ce6b05e2593182af90dc4e8fd315240bec81cf0734a2590ee864a05bbffb014c.exe
- Size
  
  518KB
- MD5
  
  153bc84ce38485a27ee114e9bcd4eef9
- SHA1
  
  821ced6f8b1083a085f224210f82c0f301887f7a
- SHA256
  
  ce6b05e2593182af90dc4e8fd315240bec81cf0734a2590ee864a05bbffb014c
- SHA512
  
  d9b0851d74424c348f530152332eed376b9231e0e9832588143d5dc39c5151d2e654c7931c1ba2a1098f0a3d077ec13aeaab9b174f8a2d4f870d87e43c536fcf
- SSDEEP
  
  12288:B+8mHYABWaGPleAupQFpa7M5YXsXx5pgKB/Z:RmHBXGPlcQF87M5fBHBZ
Score

10^/10

dridex 10444 botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex10444botnet

behavioral2

dridex10444botnet