dridex | 11d6703c422ba5ff6cbc0f40c5099a283dfd70fed43d1265366a4919201c6ce0 | Triage

Sharing

General

Target

c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118
Size

320KB
Sample

240829-qwt5ksthnd
MD5

c8ec2aee1e6b3b1aa46f5c6dcf9c7110
SHA1

3edc2c3cbd1cd08b5e34b21433e5658e81f99f0d
SHA256

11d6703c422ba5ff6cbc0f40c5099a283dfd70fed43d1265366a4919201c6ce0
SHA512

bcf3539eb041f0549e8ef569b497182b69f514defecca161bbc9c67c54cfb3f2a72a84a86c695a2187924b45851c72fc86b30e9a9c0b317f10c336263e53837d
SSDEEP

6144:OaM65wVpzY9WKgRP2Ba6k0UwLBlZtR7ynoOyzzR42eAgA:OffY0P2BfxjhOQe67

Score

10^/10

dridex 10444 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

151.236.219.181:443

142.4.6.57:14043

162.144.127.197:3786

103.40.116.68:5443

rc4.plain

rc4.plain

Targets

- Target
  
  c8ec2aee1e6b3b1aa46f5c6dcf9c7110_JaffaCakes118
- Size
  
  320KB
- MD5
  
  c8ec2aee1e6b3b1aa46f5c6dcf9c7110
- SHA1
  
  3edc2c3cbd1cd08b5e34b21433e5658e81f99f0d
- SHA256
  
  11d6703c422ba5ff6cbc0f40c5099a283dfd70fed43d1265366a4919201c6ce0
- SHA512
  
  bcf3539eb041f0549e8ef569b497182b69f514defecca161bbc9c67c54cfb3f2a72a84a86c695a2187924b45851c72fc86b30e9a9c0b317f10c336263e53837d
- SSDEEP
  
  6144:OaM65wVpzY9WKgRP2Ba6k0UwLBlZtR7ynoOyzzR42eAgA:OffY0P2BfxjhOQe67
Score

10^/10

dridex 10444 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10444botnetdiscovery

behavioral2

dridex10444botnetdiscovery