dridex | 955c85525dae7239e7014520cf100f59f9303ef86c9dcd3449d36673de364857 | Triage

Sharing

General

Target

60f308c539feac706dcd2c85831771cb_JaffaCakes118
Size

144KB
Sample

240520-yv5hxsfb49
MD5

60f308c539feac706dcd2c85831771cb
SHA1

862d8459c8114216aee8794282dc0cf457630c97
SHA256

955c85525dae7239e7014520cf100f59f9303ef86c9dcd3449d36673de364857
SHA512

ed08e61e2c1aa7659a9421dc963e047ed0ad89318388af50fbe46303cafa1d4962dee4fb97f54dc060a72b79faf6168c71158d6ffb924d7a6b4062fbb62a049b
SSDEEP

3072:Dlll3NCpoO6BfDbCgwF+a5p1n4eM2kXjSBGNREQW:DhocfDbC/Fr4PzSBGNRL

Score

10^/10

dridex botnet

Malware Config

Targets

- Target
  
  60f308c539feac706dcd2c85831771cb_JaffaCakes118
- Size
  
  144KB
- MD5
  
  60f308c539feac706dcd2c85831771cb
- SHA1
  
  862d8459c8114216aee8794282dc0cf457630c97
- SHA256
  
  955c85525dae7239e7014520cf100f59f9303ef86c9dcd3449d36673de364857
- SHA512
  
  ed08e61e2c1aa7659a9421dc963e047ed0ad89318388af50fbe46303cafa1d4962dee4fb97f54dc060a72b79faf6168c71158d6ffb924d7a6b4062fbb62a049b
- SSDEEP
  
  3072:Dlll3NCpoO6BfDbCgwF+a5p1n4eM2kXjSBGNREQW:DhocfDbC/Fr4PzSBGNRL
Score

10^/10

dridex botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2