dridex | a26c901de90f064984ad1e8c9622603247c7a2245b6ec0ff9c4f17fcfd33b082 | Triage

Sharing

General

Target

18655767450.zip
Size

334KB
Sample

240821-ny59hszgnk
MD5

0783d48cb2d42a709fc95c98da035681
SHA1

267d5d6204362cf9f3d9d1531f12a9ddd0a0c26f
SHA256

a26c901de90f064984ad1e8c9622603247c7a2245b6ec0ff9c4f17fcfd33b082
SHA512

bf2ba6fae5c2252051ec0ad64f59460674e36fd3eab2672f836a0232d123bf4a8a9b456284c71a8cfe08031c2801f9309da5276bbda8e7b2649f74add8d8c2b7
SSDEEP

6144:PJ86n2cJjUsJKqVhOpq+PRXL19NneMCbqweUCi7S3sf059vgKr:P97JjRzOp7NntvTQ5fm9vdr

Score

10^/10

dridex 10444 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

194.225.58.214:443

211.110.44.63:5353

69.164.207.140:3388

198.57.200.100:3786

rc4.plain

rc4.plain

Targets

- Target
  
  97435ab8be1983337bf241ccc693f6bbe57be3ac2e1920703de78523be97c041
- Size
  
  718KB
- MD5
  
  2f2ef3c2728d313241e2a3bb5d5c6918
- SHA1
  
  05296ff3beeba179c9af651d9d3adddea8c2f4b5
- SHA256
  
  97435ab8be1983337bf241ccc693f6bbe57be3ac2e1920703de78523be97c041
- SHA512
  
  d42ce4fbdcede1bf2e0cddc74ab2fe6c942f214dad53d02bdb8690ed8efe9972a386fc7c476e21eea03ca7a7452addc22de7e256506d723afd603624cc7ce0e0
- SSDEEP
  
  12288:r+8mHYABWaGPleAupQFpa7M5YXsXx5pgKB/p:vmHBXGPlcQF87M5fBHBp
Score

10^/10

dridex 10444 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10444botnetdiscovery

behavioral2

dridex10444botnetdiscovery