dridex | 4590ea45853dd0d4790c0e8323bea9de524dff040e3ab9d010c6541a44a306dc | Triage

Sharing

General

Target

442e235beb78628d6ce3efba12fc8df0N
Size

174KB
Sample

240826-azqnkawfqk
MD5

442e235beb78628d6ce3efba12fc8df0
SHA1

fd2d92af8ff5abb3b229390afd3498011b28c2d9
SHA256

4590ea45853dd0d4790c0e8323bea9de524dff040e3ab9d010c6541a44a306dc
SHA512

4c0fee43b4cc53592c4803838d8f6e7c340c9dcba7352e0154a36b6ed0a1d6b0e296fb0cdc341830a5c52410dae7637e2b3c13011592fea67205db380c36e02e
SSDEEP

3072:9TcmA9VSRrhbm3F1tx7Tkf6rzyOQ9hUjWFv+yss6/WcNfkF:y9mhbm3F9U6rz+9h6WFWyss6/WcNO

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

178.128.220.64:30333

45.79.91.89:9987

rc4.plain

rc4.plain

Targets

- Target
  
  442e235beb78628d6ce3efba12fc8df0N
- Size
  
  174KB
- MD5
  
  442e235beb78628d6ce3efba12fc8df0
- SHA1
  
  fd2d92af8ff5abb3b229390afd3498011b28c2d9
- SHA256
  
  4590ea45853dd0d4790c0e8323bea9de524dff040e3ab9d010c6541a44a306dc
- SHA512
  
  4c0fee43b4cc53592c4803838d8f6e7c340c9dcba7352e0154a36b6ed0a1d6b0e296fb0cdc341830a5c52410dae7637e2b3c13011592fea67205db380c36e02e
- SSDEEP
  
  3072:9TcmA9VSRrhbm3F1tx7Tkf6rzyOQ9hUjWFv+yss6/WcNfkF:y9mhbm3F9U6rz+9h6WFWyss6/WcNO
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader