dridex | f478f5ad250e88751fcb69dc044f853969fac42115f0dc2c82c81334f950829d | Triage

Sharing

General

Target

78f460b30cf8a63f637479d6697dce10N
Size

196KB
Sample

240911-ptvgws1dlc
MD5

78f460b30cf8a63f637479d6697dce10
SHA1

e5b1d85f5321bd0b2df86faa8ce695dd75708116
SHA256

f478f5ad250e88751fcb69dc044f853969fac42115f0dc2c82c81334f950829d
SHA512

f76c826528528f07e4f996ed028795d98162d1c26ae14ed9334ff09f95ad2f1791af9fb19d2da87414ce0ffb66d879a0cabc96f1aff4cd41c6cf405bd3515860
SSDEEP

3072:luCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJl:pzWxkOP4p2EesvcDi6DOHPJq

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

144.76.1.150:443

50.249.212.98:23399

104.168.154.79:5007

rc4.plain

rc4.plain

Targets

- Target
  
  78f460b30cf8a63f637479d6697dce10N
- Size
  
  196KB
- MD5
  
  78f460b30cf8a63f637479d6697dce10
- SHA1
  
  e5b1d85f5321bd0b2df86faa8ce695dd75708116
- SHA256
  
  f478f5ad250e88751fcb69dc044f853969fac42115f0dc2c82c81334f950829d
- SHA512
  
  f76c826528528f07e4f996ed028795d98162d1c26ae14ed9334ff09f95ad2f1791af9fb19d2da87414ce0ffb66d879a0cabc96f1aff4cd41c6cf405bd3515860
- SSDEEP
  
  3072:luCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJl:pzWxkOP4p2EesvcDi6DOHPJq
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader