dridex | c8467c57642a50b1b626c526c0514798edf3db9d241d26eaf47fbd456b884633 | Triage

Sharing

General

Target

d6e9169100e7a81da951d7b47c9e1ba3_JaffaCakes118
Size

204KB
Sample

240909-xlrp2atgqj
MD5

d6e9169100e7a81da951d7b47c9e1ba3
SHA1

3a719c7fcd28cb0ea8df9811c1cf245e6c87478a
SHA256

c8467c57642a50b1b626c526c0514798edf3db9d241d26eaf47fbd456b884633
SHA512

b71de0483455bc9cd1bca8edfe6b26279b6b994be7c74770957e9dc0379e9f59f8cf5ba20237b528d99cd6a350d182644a4c720743cc43f96370f8f9f5c88039
SSDEEP

1536:55xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04Numpa9dQpF+k2i:5fVAOcNWDtPeDoCumpa7QpF+5yW27o2

Score

10^/10

dridex botnet discovery

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Targets

- Target
  
  d6e9169100e7a81da951d7b47c9e1ba3_JaffaCakes118
- Size
  
  204KB
- MD5
  
  d6e9169100e7a81da951d7b47c9e1ba3
- SHA1
  
  3a719c7fcd28cb0ea8df9811c1cf245e6c87478a
- SHA256
  
  c8467c57642a50b1b626c526c0514798edf3db9d241d26eaf47fbd456b884633
- SHA512
  
  b71de0483455bc9cd1bca8edfe6b26279b6b994be7c74770957e9dc0379e9f59f8cf5ba20237b528d99cd6a350d182644a4c720743cc43f96370f8f9f5c88039
- SSDEEP
  
  1536:55xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04Numpa9dQpF+k2i:5fVAOcNWDtPeDoCumpa7QpF+5yW27o2
Score

10^/10

dridex botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscovery

behavioral2

dridexbotnetdiscovery