dridex | f8a59fa79158e36f51038469ab4a67e6be2e79c903383e34a8fb454277e07f94 | Triage

Sharing

General

Target

f8a59fa79158e36f51038469ab4a67e6be2e79c903383e34a8fb454277e07f94.exe
Size

676KB
Sample

250119-vm8zlaxqbj
MD5

77ac3150c0a2ea85af89954b900a5198
SHA1

bc22fa4303f9faba46eea3d5abbf7329f910f6a6
SHA256

f8a59fa79158e36f51038469ab4a67e6be2e79c903383e34a8fb454277e07f94
SHA512

802d1016f53fb4ab3bd2c9b5f6012579e75aee64063ced07484428d47f64872f05ef36c99429a9bfec2160a56b3494f380477a356e2d714fbabdc98b43d04e11
SSDEEP

12288:YHcRey4pHcRey4pHcRey4+Z2E6lbYvjha5snTOuC3:YCqCqCLZf6lK2GTOn3

Score

10^/10

dridex 10111 botnet discovery

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

185.89.158.19:443

144.217.7.207:4443

59.10.131.141:34443

rc4.plain

rc4.plain

Targets

- Target
  
  f8a59fa79158e36f51038469ab4a67e6be2e79c903383e34a8fb454277e07f94.exe
- Size
  
  676KB
- MD5
  
  77ac3150c0a2ea85af89954b900a5198
- SHA1
  
  bc22fa4303f9faba46eea3d5abbf7329f910f6a6
- SHA256
  
  f8a59fa79158e36f51038469ab4a67e6be2e79c903383e34a8fb454277e07f94
- SHA512
  
  802d1016f53fb4ab3bd2c9b5f6012579e75aee64063ced07484428d47f64872f05ef36c99429a9bfec2160a56b3494f380477a356e2d714fbabdc98b43d04e11
- SSDEEP
  
  12288:YHcRey4pHcRey4pHcRey4+Z2E6lbYvjha5snTOuC3:YCqCqCLZf6lK2GTOn3
Score

10^/10

dridex 10111 botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex10111botnetdiscovery

behavioral2

dridex10111botnetdiscovery