dridex | 248624e4d1e002067dfe831a079b889b57fb112074d2837a6d84b3e22aa3a76d | Triage

Sharing

General

Target

bd8a3536bff96b4ec54a936af736ab30N.exe
Size

188KB
Sample

240906-wc1qxazcrm
MD5

bd8a3536bff96b4ec54a936af736ab30
SHA1

54f6384bee51cf62950a9346080339a5d827de59
SHA256

248624e4d1e002067dfe831a079b889b57fb112074d2837a6d84b3e22aa3a76d
SHA512

a6afde9571423c5e9c94f62fc3b16c4cb79f0ae5677cb3e92c9bfbb34bd70901e41071c550b841bc13d7d7c259bd3bb1841a8f8a9d9b0f2bef83e53b326b0ebe
SSDEEP

3072:BteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzN9qM:Nq7fYIHBZkTB6DWruUCOwjt

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

rc4.plain

Targets

- Target
  
  bd8a3536bff96b4ec54a936af736ab30N.exe
- Size
  
  188KB
- MD5
  
  bd8a3536bff96b4ec54a936af736ab30
- SHA1
  
  54f6384bee51cf62950a9346080339a5d827de59
- SHA256
  
  248624e4d1e002067dfe831a079b889b57fb112074d2837a6d84b3e22aa3a76d
- SHA512
  
  a6afde9571423c5e9c94f62fc3b16c4cb79f0ae5677cb3e92c9bfbb34bd70901e41071c550b841bc13d7d7c259bd3bb1841a8f8a9d9b0f2bef83e53b326b0ebe
- SSDEEP
  
  3072:BteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzN9qM:Nq7fYIHBZkTB6DWruUCOwjt
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader