dridex | 3713c47a827878c6b2bc8b467aac095b5b3991321ab448b4024c878be2a8ad13 | Triage

Sharing

General

Target

110a7ba7f53a76c83da13c6909e83770N.exe
Size

184KB
Sample

240814-lsvvgsvhjd
MD5

110a7ba7f53a76c83da13c6909e83770
SHA1

3a260708ec5e44cc69974262116be2d1d7cb21d4
SHA256

3713c47a827878c6b2bc8b467aac095b5b3991321ab448b4024c878be2a8ad13
SHA512

d2a067a0c6751a903455632908690320aac5aefe987353e64711e5fc564f0cb2cb90f65bf6f7e6bf094d53f5f1c0c8651a2011b768c797e5a2ea618c45dd3cf8
SSDEEP

3072:igkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgXdA4l:LPFkq6zOe5ilSanO8d

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain

rc4.plain

Targets

- Target
  
  110a7ba7f53a76c83da13c6909e83770N.exe
- Size
  
  184KB
- MD5
  
  110a7ba7f53a76c83da13c6909e83770
- SHA1
  
  3a260708ec5e44cc69974262116be2d1d7cb21d4
- SHA256
  
  3713c47a827878c6b2bc8b467aac095b5b3991321ab448b4024c878be2a8ad13
- SHA512
  
  d2a067a0c6751a903455632908690320aac5aefe987353e64711e5fc564f0cb2cb90f65bf6f7e6bf094d53f5f1c0c8651a2011b768c797e5a2ea618c45dd3cf8
- SSDEEP
  
  3072:igkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgXdA4l:LPFkq6zOe5ilSanO8d
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader