dridex | e20c2a8a6b0ca4df1d293ade06f5e5d7b61416dcfa02c9b76e449ca156f5e4b9 | Triage

Sharing

General

Target

e20c2a8a6b0ca4df1d293ade06f5e5d7b61416dcfa02c9b76e449ca156f5e4b9
Size

365KB
Sample

250113-jk74qswjeq
MD5

5c0164857c734480cbbdeea12ef93fd4
SHA1

06347a3e2a185d00a214dc63dab4ed5550a4ae43
SHA256

e20c2a8a6b0ca4df1d293ade06f5e5d7b61416dcfa02c9b76e449ca156f5e4b9
SHA512

d3c15ecc464f5b5ad489357677a85b1206a08e2b5dd5b245bb95e68a100112abadb7c01a14458f94f436d034d89ad52b950a9b37be9a89832a76522deb6b2d8c
SSDEEP

6144:WxTwCx1SYEdaaozQgHQQN+JWNPTL1ewYeH69Poa:pCx1SRa/5nNKeL1fH6ea

Score

10^/10

dridex 10111 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

157.7.166.26:5353

162.144.127.197:3786

46.22.57.17:5037

rc4.plain

rc4.plain

Targets

- Target
  
  e20c2a8a6b0ca4df1d293ade06f5e5d7b61416dcfa02c9b76e449ca156f5e4b9
- Size
  
  365KB
- MD5
  
  5c0164857c734480cbbdeea12ef93fd4
- SHA1
  
  06347a3e2a185d00a214dc63dab4ed5550a4ae43
- SHA256
  
  e20c2a8a6b0ca4df1d293ade06f5e5d7b61416dcfa02c9b76e449ca156f5e4b9
- SHA512
  
  d3c15ecc464f5b5ad489357677a85b1206a08e2b5dd5b245bb95e68a100112abadb7c01a14458f94f436d034d89ad52b950a9b37be9a89832a76522deb6b2d8c
- SSDEEP
  
  6144:WxTwCx1SYEdaaozQgHQQN+JWNPTL1ewYeH69Poa:pCx1SRa/5nNKeL1fH6ea
Score

10^/10

dridex 10111 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscovery

behavioral2

dridex10111botnetdiscovery