dridex | 0b8d22a05a650febaf2d3cb1b786ceff34b33cedc722c9d8c0adc35855fa2824 | Triage

Sharing

General

Target

0b8d22a05a650febaf2d3cb1b786ceff34b33cedc722c9d8c0adc35855fa2824N.exe
Size

366KB
Sample

250104-kepwmstmdj
MD5

7cc01b1ff68f4d3cf42a2ff9c7122ad0
SHA1

78c7eb7bb622e0c1836a2d62bec56a83525b971e
SHA256

0b8d22a05a650febaf2d3cb1b786ceff34b33cedc722c9d8c0adc35855fa2824
SHA512

4aa1b138ae9ecbe08b090d30f35d8edc62f5f40409a2c3032af2a714a428866eea67248984a7ccba71576a5dc7ad9a6e003cf5572c6b720c3a03dc80bcd7754f
SSDEEP

6144:BuUfyIrWsUujF7DpzIhDyacsEv6P8xWWzv:AUaIrWPupJIheacsb0zv

Score

10^/10

dridex 10111 botnet cryptone discovery packer

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

87.98.218.33:443

54.38.143.246:691

92.38.128.47:3389

159.65.79.173:3886

rc4.plain

rc4.plain

Targets

- Target
  
  0b8d22a05a650febaf2d3cb1b786ceff34b33cedc722c9d8c0adc35855fa2824N.exe
- Size
  
  366KB
- MD5
  
  7cc01b1ff68f4d3cf42a2ff9c7122ad0
- SHA1
  
  78c7eb7bb622e0c1836a2d62bec56a83525b971e
- SHA256
  
  0b8d22a05a650febaf2d3cb1b786ceff34b33cedc722c9d8c0adc35855fa2824
- SHA512
  
  4aa1b138ae9ecbe08b090d30f35d8edc62f5f40409a2c3032af2a714a428866eea67248984a7ccba71576a5dc7ad9a6e003cf5572c6b720c3a03dc80bcd7754f
- SSDEEP
  
  6144:BuUfyIrWsUujF7DpzIhDyacsEv6P8xWWzv:AUaIrWPupJIheacsb0zv
Score

10^/10

dridex 10111 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscovery

behavioral2

dridex10111botnetdiscovery