dridex | 5b4337f9ae1d91113c91abd0da39794d8aa216b149562440de541ca99618840d | Triage

Sharing

General

Target

da89cf3606cd723551524a0f64ba76de_JaffaCakes118
Size

324KB
Sample

240911-rp8j3awala
MD5

da89cf3606cd723551524a0f64ba76de
SHA1

8b6b1dd793811066522e4a1b86858dee09a37faf
SHA256

5b4337f9ae1d91113c91abd0da39794d8aa216b149562440de541ca99618840d
SHA512

75320d1c948b17efe84d5261172ff2e220847a751761334fb2d0ed1fd7a26c1d958005d3082f4ac4e2987427cc54b8c429e12d99a9445524b03e199c1126c627
SSDEEP

6144:3udkKJ4hF7popQTRq3va4jl6u31Ut+Ji370HnBs4NeuVCC:97yUReva4jlNoQnBXek1

Score

10^/10

dridex 10444 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

51.75.24.85:443

46.22.116.163:3074

173.249.46.113:3889

192.241.174.45:4443

rc4.plain

rc4.plain

Targets

- Target
  
  da89cf3606cd723551524a0f64ba76de_JaffaCakes118
- Size
  
  324KB
- MD5
  
  da89cf3606cd723551524a0f64ba76de
- SHA1
  
  8b6b1dd793811066522e4a1b86858dee09a37faf
- SHA256
  
  5b4337f9ae1d91113c91abd0da39794d8aa216b149562440de541ca99618840d
- SHA512
  
  75320d1c948b17efe84d5261172ff2e220847a751761334fb2d0ed1fd7a26c1d958005d3082f4ac4e2987427cc54b8c429e12d99a9445524b03e199c1126c627
- SSDEEP
  
  6144:3udkKJ4hF7popQTRq3va4jl6u31Ut+Ji370HnBs4NeuVCC:97yUReva4jlNoQnBXek1
Score

10^/10

dridex 10444 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10444botnetdiscovery

behavioral2

dridex10444botnetdiscovery