dridex | ac9f08e36716cbb3777778d9144620618a2ee26bea0512da55f76c5290bd4617 | Triage

Sharing

General

Target

ac9f08e36716cbb3777778d9144620618a2ee26bea0512da55f76c5290bd4617.exe
Size

510KB
Sample

250113-dy8drswmhk
MD5

35f2c2d7baf199692f757c075ac0bc44
SHA1

c181c8f2fd20d847a70e10d72e25fac3983413c3
SHA256

ac9f08e36716cbb3777778d9144620618a2ee26bea0512da55f76c5290bd4617
SHA512

e0738e5c94b0d544228c265444186923caa0790aef79f49a644a02fa3cda00770a07de8be8fc6acee9d2d540d348e636794749348deab20842453e1f2d29ae13
SSDEEP

12288:UAJfG7BG7Ihl4RoyJqTf3gZRh0wYAjA77AOgm/CQlzsOaIWaPa2888888888888x:Un07IY6yJqb3gzhO8Y7Mm/CQJsOahr3m

Score

10^/10

dridex 10111 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

5.9.178.143:443

2.58.16.89:8443

37.139.2.140:3889

rc4.plain

rc4.plain

Targets

- Target
  
  ac9f08e36716cbb3777778d9144620618a2ee26bea0512da55f76c5290bd4617.exe
- Size
  
  510KB
- MD5
  
  35f2c2d7baf199692f757c075ac0bc44
- SHA1
  
  c181c8f2fd20d847a70e10d72e25fac3983413c3
- SHA256
  
  ac9f08e36716cbb3777778d9144620618a2ee26bea0512da55f76c5290bd4617
- SHA512
  
  e0738e5c94b0d544228c265444186923caa0790aef79f49a644a02fa3cda00770a07de8be8fc6acee9d2d540d348e636794749348deab20842453e1f2d29ae13
- SSDEEP
  
  12288:UAJfG7BG7Ihl4RoyJqTf3gZRh0wYAjA77AOgm/CQlzsOaIWaPa2888888888888x:Un07IY6yJqb3gzhO8Y7Mm/CQJsOahr3m
Score

10^/10

dridex 10111 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscovery

behavioral2

dridex10111botnetdiscovery