dridex | 7d1b7fe90a9523e9fb69375b953ccac25846900acf630b8b1325019d07852224 | Triage

Sharing

General

Target

6dacd8ef01147243d9e5e25448399850N
Size

660KB
Sample

240914-n98h1ssfmp
MD5

6dacd8ef01147243d9e5e25448399850
SHA1

c10987e8fc9fa1046bf2b7fdc04fb3c0191752af
SHA256

7d1b7fe90a9523e9fb69375b953ccac25846900acf630b8b1325019d07852224
SHA512

8ace3c7c0ce32a71feac49aacdc6e26375ab577b5a119b9b5e68b74ec90befecfbe1bf013fb578b5bede30986145df7ba1d4e71222b5227baa27055d7c13fa81
SSDEEP

6144:ebazNBbycfmKsyUlVyMdUFIk1KyHNwoA9pFp5xMqC1hxUxR3KulSsKz3+m:FzeTlVy/7HNWp5WqUhxUxR3KuksKam

Score

10^/10

dridex 10444 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

210.65.244.176:443

37.34.58.210:6601

77.220.64.141:5037

rc4.plain

rc4.plain

Targets

- Target
  
  6dacd8ef01147243d9e5e25448399850N
- Size
  
  660KB
- MD5
  
  6dacd8ef01147243d9e5e25448399850
- SHA1
  
  c10987e8fc9fa1046bf2b7fdc04fb3c0191752af
- SHA256
  
  7d1b7fe90a9523e9fb69375b953ccac25846900acf630b8b1325019d07852224
- SHA512
  
  8ace3c7c0ce32a71feac49aacdc6e26375ab577b5a119b9b5e68b74ec90befecfbe1bf013fb578b5bede30986145df7ba1d4e71222b5227baa27055d7c13fa81
- SSDEEP
  
  6144:ebazNBbycfmKsyUlVyMdUFIk1KyHNwoA9pFp5xMqC1hxUxR3KulSsKz3+m:FzeTlVy/7HNWp5WqUhxUxR3KuksKam
Score

10^/10

dridex 10444 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10444botnetdiscovery

behavioral2

dridex10444botnetdiscovery