dridex | 5e40212bf7edb62f2eb8708db3aef7ed8c4b60cf052c4e459b53cabba39a37c5 | Triage

Sharing

General

Target

5e40212bf7edb62f2eb8708db3aef7ed8c4b60cf052c4e459b53cabba39a37c5
Size

181KB
Sample

240417-r718psec9s
MD5

efa7693a8395fabe468395926301bbb0
SHA1

6e51022d84f69fe546ee8cd886afc0af4094b26c
SHA256

5e40212bf7edb62f2eb8708db3aef7ed8c4b60cf052c4e459b53cabba39a37c5
SHA512

4be7e967c64b5eaa2552622209c14d3bebf05695d6dc7f96d40b7f7df38ead1068ed4ccb3d9acac0b02e19ab1dc1635c31a90b5e19ca761083c173672f3d009b
SSDEEP

3072:o67w6TVcZBUJPeBEJ85toidiQGM4+yjjV9hHN7O3t2ZiTsrU+OYRvNRcAXV8BLIn:oO+foSEJ8PbiQbyjjDhE3tj+v7pX91

Score

10^/10

dridex 40400 botnet

Malware Config

Extracted

Family

dridex

Botnet

40400

C2

132.255.244.130:443

111.67.77.202:3389

198.50.236.57:443

45.122.223.13:8443

rc4.plain

rc4.plain

Targets

- Target
  
  178ba564b39bd07577e974a9b677dfd86ffa1f1d0299dfd958eb883c5ef6c3e1.exe
- Size
  
  208KB
- MD5
  
  6a8401448a5bd2b540850f811b20a66d
- SHA1
  
  9f01d4442c495c7128649b98201187bc0c58dedd
- SHA256
  
  178ba564b39bd07577e974a9b677dfd86ffa1f1d0299dfd958eb883c5ef6c3e1
- SHA512
  
  87680152e6ed8a294c824cddb559797c0ff9f7106e8e9d16fc8f0195c338566b9cdd76a8bf79ae23450625466bdf54af30a1c91939f93b204604d7deb7e00dd8
- SSDEEP
  
  3072:KNrKrKlirGivgt0OpAIL7IDr64J/GUAowkofDHSUEMFOfWH/iqIHWHRvVg:aOrciYKBIIPGU9wkgSUPFOwtHL
Score

10^/10

dridex 40400 botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dridex40400botnet

behavioral2

dridex40400botnet