dridex | d3afb62594817dba57cf84ba533437fc645fcc75085781e2640787c0d7bcd38b | Triage

Submit
Reports

Overview

overview

Static

static

3

db319d2a5c...18.dll

windows7-x64

db319d2a5c...18.dll

windows10-2004-x64

Sharing

General

Target

db319d2a5c00daff8671ea0760dfcfaf_JaffaCakes118
Size

184KB
Sample

241209-x9m2raykhy
MD5

db319d2a5c00daff8671ea0760dfcfaf
SHA1

d1d7f29e4f72fdacb3b4f175c4b4b94508541575
SHA256

d3afb62594817dba57cf84ba533437fc645fcc75085781e2640787c0d7bcd38b
SHA512

38b118f775b8ff78ba38f75a0c4b9078be67ed57ceca19564d5e52c1870d6dec9d6fa95e37a63b9adbd97ba262a94bfea0860f88699d58e902b684917e414e93
SSDEEP

3072:joPiHI0b3EcyGgkwMBk7aZcRtEwMn4q1jGohwHHSzyDmIY:joP6I0FgkwMWNYKr

Score

10^/10

dridex 22203 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

db319d2a5c00daff8671ea0760dfcfaf_JaffaCakes118.dll

Resource

win7-20240708-en

dridex 22203 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

db319d2a5c00daff8671ea0760dfcfaf_JaffaCakes118.dll

Resource

win10v2004-20241007-en

dridex 22203 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain

rc4.plain

Targets

- Target
  
  db319d2a5c00daff8671ea0760dfcfaf_JaffaCakes118
- Size
  
  184KB
- MD5
  
  db319d2a5c00daff8671ea0760dfcfaf
- SHA1
  
  d1d7f29e4f72fdacb3b4f175c4b4b94508541575
- SHA256
  
  d3afb62594817dba57cf84ba533437fc645fcc75085781e2640787c0d7bcd38b
- SHA512
  
  38b118f775b8ff78ba38f75a0c4b9078be67ed57ceca19564d5e52c1870d6dec9d6fa95e37a63b9adbd97ba262a94bfea0860f88699d58e902b684917e414e93
- SSDEEP
  
  3072:joPiHI0b3EcyGgkwMBk7aZcRtEwMn4q1jGohwHHSzyDmIY:joP6I0FgkwMWNYKr
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader

© 2018-2025

Terms | Privacy