dridex | acc231060381c932139981648ddd4660ebf214c433fcd11e0470e3d5951c9a20 | Triage

Sharing

General

Target

acc231060381c932139981648ddd4660ebf214c433fcd11e0470e3d5951c9a20.exe
Size

486KB
Sample

250108-xxcegszkbw
MD5

2f15561e3782827302359028146b300e
SHA1

5eef662e78822d06e258669d231006e7d836c0c2
SHA256

acc231060381c932139981648ddd4660ebf214c433fcd11e0470e3d5951c9a20
SHA512

2d5f3f5331b33b5abdf0966ced58b89dc15a92f6fb2e62c9573512913cbe5a35ea28be6ccc4de12ffaf4f1ca4130fd752301516b2f4e3a06c9fb6f4250be4de7
SSDEEP

12288:RAJfG7BG7Ihl4RoyJqTf3gZhA+BAmAuCwPK91X8U8tnxX:Rn07IY6yJqb3gf5tCP1MU8bX

Score

10^/10

dridex 10111 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

2.58.16.89:8443

37.139.2.140:3889

rc4.plain

rc4.plain

Targets

- Target
  
  acc231060381c932139981648ddd4660ebf214c433fcd11e0470e3d5951c9a20.exe
- Size
  
  486KB
- MD5
  
  2f15561e3782827302359028146b300e
- SHA1
  
  5eef662e78822d06e258669d231006e7d836c0c2
- SHA256
  
  acc231060381c932139981648ddd4660ebf214c433fcd11e0470e3d5951c9a20
- SHA512
  
  2d5f3f5331b33b5abdf0966ced58b89dc15a92f6fb2e62c9573512913cbe5a35ea28be6ccc4de12ffaf4f1ca4130fd752301516b2f4e3a06c9fb6f4250be4de7
- SSDEEP
  
  12288:RAJfG7BG7Ihl4RoyJqTf3gZhA+BAmAuCwPK91X8U8tnxX:Rn07IY6yJqb3gf5tCP1MU8bX
Score

10^/10

dridex 10111 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscovery

behavioral2

dridex10111botnetdiscovery