dridex | da135b38df8b6d87ecd98079b56eae725ae22e1846c14f4e0ed7a75a2290cdc8 | Triage

Sharing

General

Target

fd19d54287d984c899908a7c341dbc06_JaffaCakes118
Size

148KB
Sample

240928-zergssvgmm
MD5

fd19d54287d984c899908a7c341dbc06
SHA1

a66e77d6f13d3af4ad1476246c637d4c04d65633
SHA256

da135b38df8b6d87ecd98079b56eae725ae22e1846c14f4e0ed7a75a2290cdc8
SHA512

196ec8bfb24f24c85d5e05b60c9aed7e39b5e2480d3d8dddc5fec9f6f27cab85682ee5d86a5e5a0ffe9f0b9c61ea49737fa55d668221c427e44fefbe87ecde41
SSDEEP

3072:uiIroK9w8wZD9JS8ougbDz/KCwvlcH2GK39jqj0lRtDIv:uixxD8bDzSvlOXm9jTlRt8

Score

10^/10

dridex botnet discovery

Malware Config

Targets

- Target
  
  fd19d54287d984c899908a7c341dbc06_JaffaCakes118
- Size
  
  148KB
- MD5
  
  fd19d54287d984c899908a7c341dbc06
- SHA1
  
  a66e77d6f13d3af4ad1476246c637d4c04d65633
- SHA256
  
  da135b38df8b6d87ecd98079b56eae725ae22e1846c14f4e0ed7a75a2290cdc8
- SHA512
  
  196ec8bfb24f24c85d5e05b60c9aed7e39b5e2480d3d8dddc5fec9f6f27cab85682ee5d86a5e5a0ffe9f0b9c61ea49737fa55d668221c427e44fefbe87ecde41
- SSDEEP
  
  3072:uiIroK9w8wZD9JS8ougbDz/KCwvlcH2GK39jqj0lRtDIv:uixxD8bDzSvlOXm9jTlRt8
Score

10^/10

dridex botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Deletes itself
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscovery

behavioral2

dridexbotnetdiscovery