dridex | 9492c6842475059a6af7f4b8c42e03944f08938243fa393713a5a6a930d79bcd | Triage

Sharing

General

Target

031f318c8ab815cda0d447904a925cf7_JaffaCakes118
Size

324KB
Sample

240728-aczb7awcrp
MD5

031f318c8ab815cda0d447904a925cf7
SHA1

2bbca22cb0355f1ad4acedd9dd69ebaaeddf6b9e
SHA256

9492c6842475059a6af7f4b8c42e03944f08938243fa393713a5a6a930d79bcd
SHA512

519a54859e82861cf3f73b3a6ac400b57bd560a53867b8396aa8c286a5ee4e675c75c3f80ddc0cb4e0ef80300ada6b4e985bd4bb73bdc8d1c56a673240a83c4d
SSDEEP

6144:m7fWXIrEU401YJpdX9IPS/AE8ZqJ5kHXBB0X3v8HoFS:m7fMUF1YJjX9fZ8ZmgE3Gx

Score

10^/10

dridex 10555 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10555

C2

151.236.219.181:443

142.4.6.57:14043

162.144.127.197:3786

103.40.116.68:5443

rc4.plain

rc4.plain

Targets

- Target
  
  031f318c8ab815cda0d447904a925cf7_JaffaCakes118
- Size
  
  324KB
- MD5
  
  031f318c8ab815cda0d447904a925cf7
- SHA1
  
  2bbca22cb0355f1ad4acedd9dd69ebaaeddf6b9e
- SHA256
  
  9492c6842475059a6af7f4b8c42e03944f08938243fa393713a5a6a930d79bcd
- SHA512
  
  519a54859e82861cf3f73b3a6ac400b57bd560a53867b8396aa8c286a5ee4e675c75c3f80ddc0cb4e0ef80300ada6b4e985bd4bb73bdc8d1c56a673240a83c4d
- SSDEEP
  
  6144:m7fWXIrEU401YJpdX9IPS/AE8ZqJ5kHXBB0X3v8HoFS:m7fMUF1YJjX9fZ8ZmgE3Gx
Score

10^/10

dridex 10555 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10555botnetdiscovery

behavioral2

dridex10555botnetdiscovery