dridex | 95f0414757da47239aa620ff69ed76083daac4539bae1787174f90cb48dcf054 | Triage

Sharing

General

Target

JaffaCakes118_95f0414757da47239aa620ff69ed76083daac4539bae1787174f90cb48dcf054
Size

161KB
Sample

241221-3rg1nsvkcm
MD5

5defd575211a25f5fdfe044d848b2e7c
SHA1

7e36151ce0ea8b4b6d9ef8abfc1dd697d7c365c6
SHA256

95f0414757da47239aa620ff69ed76083daac4539bae1787174f90cb48dcf054
SHA512

623c9943985272a75f64aa654b3be5358f8523ad0cb121f9f04a9d5b70379829681623919fc323bf2c5eb95ad34420390b0642194bbcd85dd65c7c13c5d486a8
SSDEEP

3072:pK4Dcp/qdOUKcT1GpvO0nygcp0DvA/fxHbeXaUDwOvHvWM:TDBdOlG0nyg1DvwxgZ/v

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

45.55.134.126:443

67.207.83.96:8172

193.160.214.95:4125

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_95f0414757da47239aa620ff69ed76083daac4539bae1787174f90cb48dcf054
- Size
  
  161KB
- MD5
  
  5defd575211a25f5fdfe044d848b2e7c
- SHA1
  
  7e36151ce0ea8b4b6d9ef8abfc1dd697d7c365c6
- SHA256
  
  95f0414757da47239aa620ff69ed76083daac4539bae1787174f90cb48dcf054
- SHA512
  
  623c9943985272a75f64aa654b3be5358f8523ad0cb121f9f04a9d5b70379829681623919fc323bf2c5eb95ad34420390b0642194bbcd85dd65c7c13c5d486a8
- SSDEEP
  
  3072:pK4Dcp/qdOUKcT1GpvO0nygcp0DvA/fxHbeXaUDwOvHvWM:TDBdOlG0nyg1DvwxgZ/v
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader