dridex | 0ca4f84f42c000128a1451ffafb83a1bc482fcb79dc5ff4a4b1263d7a9313391 | Triage

Submit
Reports

Overview

overview

Static

static

3

a34b1a88f1...18.dll

windows7-x64

a34b1a88f1...18.dll

windows10-2004-x64

Sharing

General

Target

a34b1a88f1eb7a27ddd71408d9ca6373_JaffaCakes118
Size

164KB
Sample

240817-t28fyavgma
MD5

a34b1a88f1eb7a27ddd71408d9ca6373
SHA1

1d363d77ff4866acc2572cd36c4098fc4b60311b
SHA256

0ca4f84f42c000128a1451ffafb83a1bc482fcb79dc5ff4a4b1263d7a9313391
SHA512

7779f6155360470207acef2292e843043148b9dd3b4778cf06c24af41211d257bbafa49a918faa189d67ba666ad255f0d2e07c3294d70ca0a9d72c25843a5618
SSDEEP

3072:J1V+vpDx7DUQrMrXxomqF0uMfbaqPR7sOdBvFBnBXit/ba82MnJI:XMXDUQrOqFXMzaqNs8vATa82M

Score

10^/10

dridex 111 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a34b1a88f1eb7a27ddd71408d9ca6373_JaffaCakes118.dll

Resource

win7-20240705-en

dridex 111 botnet discovery loader

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a34b1a88f1eb7a27ddd71408d9ca6373_JaffaCakes118.dll

Resource

win10v2004-20240802-en

dridex 111 botnet discovery loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

111

C2

172.86.186.22:3889

46.105.131.78:14431

103.244.206.74:33443

139.162.53.147:4443

rc4.plain

rc4.plain

Targets

- Target
  
  a34b1a88f1eb7a27ddd71408d9ca6373_JaffaCakes118
- Size
  
  164KB
- MD5
  
  a34b1a88f1eb7a27ddd71408d9ca6373
- SHA1
  
  1d363d77ff4866acc2572cd36c4098fc4b60311b
- SHA256
  
  0ca4f84f42c000128a1451ffafb83a1bc482fcb79dc5ff4a4b1263d7a9313391
- SHA512
  
  7779f6155360470207acef2292e843043148b9dd3b4778cf06c24af41211d257bbafa49a918faa189d67ba666ad255f0d2e07c3294d70ca0a9d72c25843a5618
- SSDEEP
  
  3072:J1V+vpDx7DUQrMrXxomqF0uMfbaqPR7sOdBvFBnBXit/ba82MnJI:XMXDUQrOqFXMzaqNs8vATa82M
Score

10^/10

dridex 111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex111botnetdiscoveryloader

behavioral2

dridex111botnetdiscoveryloader

© 2018-2025

Terms | Privacy