dridex | a0901c281c41aba0d2c34468cb4da238a28cebcd2d6649defc44fc3295b144ab | Triage

Submit
Reports

Overview

overview

Static

static

3

8ac64190a3...18.exe

windows7-x64

8ac64190a3...18.exe

windows10-2004-x64

Sharing

General

Target

8ac64190a3ca6bd031fe70d5faf1cfef_JaffaCakes118
Size

156KB
Sample

240811-r53czsybrd
MD5

8ac64190a3ca6bd031fe70d5faf1cfef
SHA1

a51366fd4e29c4ccac32e0f67434b5cbeca8e6c0
SHA256

a0901c281c41aba0d2c34468cb4da238a28cebcd2d6649defc44fc3295b144ab
SHA512

7a063a1c84a7b710df583b904ddd623fc293a40aedb58fdc5a398e95f84240cd78c2242e18eab2037d71cd6ac2fb2c2981257b0fcd8820ed5ae77201839e49bd
SSDEEP

3072:2Hq8/eYoUW8DneXJRDcTHS5kpuJF8GvYQeCUwvg9B2H:AF/6EDSRmHS5kampQxQB2

Score

10^/10

dridex 12333 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8ac64190a3ca6bd031fe70d5faf1cfef_JaffaCakes118.exe

Resource

win7-20240705-en

dridex 12333 botnet discovery loader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

8ac64190a3ca6bd031fe70d5faf1cfef_JaffaCakes118.exe

Resource

win10v2004-20240802-en

dridex 12333 botnet discovery loader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

12333

C2

173.203.78.138:443

217.160.107.189:6601

77.220.64.150:5037

rc4.plain

rc4.plain

Targets

- Target
  
  8ac64190a3ca6bd031fe70d5faf1cfef_JaffaCakes118
- Size
  
  156KB
- MD5
  
  8ac64190a3ca6bd031fe70d5faf1cfef
- SHA1
  
  a51366fd4e29c4ccac32e0f67434b5cbeca8e6c0
- SHA256
  
  a0901c281c41aba0d2c34468cb4da238a28cebcd2d6649defc44fc3295b144ab
- SHA512
  
  7a063a1c84a7b710df583b904ddd623fc293a40aedb58fdc5a398e95f84240cd78c2242e18eab2037d71cd6ac2fb2c2981257b0fcd8820ed5ae77201839e49bd
- SSDEEP
  
  3072:2Hq8/eYoUW8DneXJRDcTHS5kpuJF8GvYQeCUwvg9B2H:AF/6EDSRmHS5kampQxQB2
Score

10^/10

dridex 12333 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex12333botnetdiscoveryloader

behavioral2

dridex12333botnetdiscoveryloader

© 2018-2024

Terms | Privacy