dridex | cd4ccf6b266b11aa29327444754c4c42f175725c4c03e21cf5dae151a4c4aa41 | Triage

Sharing

General

Target

8c115bfae5facea4fd720b5bbe39136d_JaffaCakes118
Size

320KB
Sample

240811-1gtklstele
MD5

8c115bfae5facea4fd720b5bbe39136d
SHA1

73c05bd6ee0d49a8202d4ec4b4a90e27a1aa3174
SHA256

cd4ccf6b266b11aa29327444754c4c42f175725c4c03e21cf5dae151a4c4aa41
SHA512

59c5181afd29907d229518f908ba8b8ba8a5ba058c5abfa35696e7dd442ce2b0558dad8d8946ef20f0c080e1c55a42db3b5de76575fab1aebdd7645c123d89fe
SSDEEP

3072:j4LaiXGwW6f3ny73vo0FbxbqOwO42GLSGL5UUoIPjgbgba5ytyiqNTPmSvld2hJk:jBrwXy7wvxSGGJIPje15Nvld3s5pd

Score

10^/10

dridex 10444 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

151.236.219.181:443

142.4.6.57:14043

162.144.127.197:3786

103.40.116.68:5443

rc4.plain

rc4.plain

Targets

- Target
  
  8c115bfae5facea4fd720b5bbe39136d_JaffaCakes118
- Size
  
  320KB
- MD5
  
  8c115bfae5facea4fd720b5bbe39136d
- SHA1
  
  73c05bd6ee0d49a8202d4ec4b4a90e27a1aa3174
- SHA256
  
  cd4ccf6b266b11aa29327444754c4c42f175725c4c03e21cf5dae151a4c4aa41
- SHA512
  
  59c5181afd29907d229518f908ba8b8ba8a5ba058c5abfa35696e7dd442ce2b0558dad8d8946ef20f0c080e1c55a42db3b5de76575fab1aebdd7645c123d89fe
- SSDEEP
  
  3072:j4LaiXGwW6f3ny73vo0FbxbqOwO42GLSGL5UUoIPjgbgba5ytyiqNTPmSvld2hJk:jBrwXy7wvxSGGJIPje15Nvld3s5pd
Score

10^/10

dridex 10444 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10444botnetdiscovery

behavioral2

dridex10444botnetdiscovery