dridex | a2165f46bfc5fc952fcec75ef9733d66b8991260f59131c2ed1b5cc040712c49 | Triage

Sharing

General

Target

a2165f46bfc5fc952fcec75ef9733d66b8991260f59131c2ed1b5cc040712c49
Size

177KB
Sample

241221-tpaddasncw
MD5

b4ffb69e0b42c88d069019edac0570a5
SHA1

fd030e46d5a019dc7e9976c6ee6df98aafefce32
SHA256

a2165f46bfc5fc952fcec75ef9733d66b8991260f59131c2ed1b5cc040712c49
SHA512

8a0381c6a5190f543ffd6b5d30917cf4f8b0d660213dc6ef4f699855b92fc6173c9353ae8bfe131437a653c3c432f5beabd13a10df8f21c023162a944fa75c0c
SSDEEP

3072:/uCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJ:7zWxkOP4p2EesvcDi6DOHPJ

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

144.76.1.150:443

50.249.212.98:23399

104.168.154.79:5007

rc4.plain

rc4.plain

Targets

- Target
  
  a2165f46bfc5fc952fcec75ef9733d66b8991260f59131c2ed1b5cc040712c49
- Size
  
  177KB
- MD5
  
  b4ffb69e0b42c88d069019edac0570a5
- SHA1
  
  fd030e46d5a019dc7e9976c6ee6df98aafefce32
- SHA256
  
  a2165f46bfc5fc952fcec75ef9733d66b8991260f59131c2ed1b5cc040712c49
- SHA512
  
  8a0381c6a5190f543ffd6b5d30917cf4f8b0d660213dc6ef4f699855b92fc6173c9353ae8bfe131437a653c3c432f5beabd13a10df8f21c023162a944fa75c0c
- SSDEEP
  
  3072:/uCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJ:7zWxkOP4p2EesvcDi6DOHPJ
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader