dridex | c94fe7b646b681ac85756b4ce7f85f4745a7b505f1a2215ba8b58375238bad10 | Triage

Sharing

General

Target

DridexDroppedVBS.925da3a10f7dde802c8d87047b14fda6
Size

140KB
Sample

250212-2xhnqazmg1
MD5

925da3a10f7dde802c8d87047b14fda6
SHA1

1fc59fbf692f690b9fe82cfafc9dcbd5aac31a68
SHA256

c94fe7b646b681ac85756b4ce7f85f4745a7b505f1a2215ba8b58375238bad10
SHA512

82588188de13f34cd751da7409f780c4fc5814da780fe8cad1fa73370414fb24b9822fc56f1f162d0db4a5c27159c225bc4d4fb061a87cb3c0d89b067353a478
SSDEEP

3072:X9z9zjy6WEba5uuoLPhiVF3NT5nNpytoQE:X9J9gu0td5nN4

Score

10^/10

dridex botnet discovery

Malware Config

Targets

- Target
  
  DridexDroppedVBS.925da3a10f7dde802c8d87047b14fda6
- Size
  
  140KB
- MD5
  
  925da3a10f7dde802c8d87047b14fda6
- SHA1
  
  1fc59fbf692f690b9fe82cfafc9dcbd5aac31a68
- SHA256
  
  c94fe7b646b681ac85756b4ce7f85f4745a7b505f1a2215ba8b58375238bad10
- SHA512
  
  82588188de13f34cd751da7409f780c4fc5814da780fe8cad1fa73370414fb24b9822fc56f1f162d0db4a5c27159c225bc4d4fb061a87cb3c0d89b067353a478
- SSDEEP
  
  3072:X9z9zjy6WEba5uuoLPhiVF3NT5nNpytoQE:X9J9gu0td5nN4
Score

10^/10

dridex botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Downloads MZ/PE file
- Deletes itself
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscovery

behavioral2

dridexbotnetdiscovery