dridex | 95d03d7a8d6c375611784f75a515a063f6085c0f003cf68117c4f18f18a8ee85 | Triage

Sharing

General

Target

bdd1e7ed8290229b645da3b3bcaa20e0_JaffaCakes118
Size

204KB
Sample

240824-cr2f7ssenm
MD5

bdd1e7ed8290229b645da3b3bcaa20e0
SHA1

41e6bc4942f5130420bbd25bd385f30fe492667d
SHA256

95d03d7a8d6c375611784f75a515a063f6085c0f003cf68117c4f18f18a8ee85
SHA512

7b847b63656ee3e72ba7879c63d61b9e4d470f1cdd0c7f72ab3a2d60ff83ac8fcef1f8af002ff87362a98a2868325eef5ac6b29038c32e09447849ebb63c1a2b
SSDEEP

1536:K5xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04Numpi9dQpF+k2i:KfVAOcNWDtPeDoCumpi7QpF+5yW27o2

Score

10^/10

dridex botnet discovery

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Targets

- Target
  
  bdd1e7ed8290229b645da3b3bcaa20e0_JaffaCakes118
- Size
  
  204KB
- MD5
  
  bdd1e7ed8290229b645da3b3bcaa20e0
- SHA1
  
  41e6bc4942f5130420bbd25bd385f30fe492667d
- SHA256
  
  95d03d7a8d6c375611784f75a515a063f6085c0f003cf68117c4f18f18a8ee85
- SHA512
  
  7b847b63656ee3e72ba7879c63d61b9e4d470f1cdd0c7f72ab3a2d60ff83ac8fcef1f8af002ff87362a98a2868325eef5ac6b29038c32e09447849ebb63c1a2b
- SSDEEP
  
  1536:K5xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04Numpi9dQpF+k2i:KfVAOcNWDtPeDoCumpi7QpF+5yW27o2
Score

10^/10

dridex botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscovery

behavioral2

dridexbotnetdiscovery